Spraykatz : Credentials Gathering Tool Automating Remote Procdump & Parse Of Lsass Process

Spraykatz is a tool without any pretention able to retrieve credentials on Windows machines and large Active Directory environments.

It simply tries to procdump machines and parse dumps remotely in order to avoid detection by antivirus software as much as possible.

Installation

This tool is written for python>=3. Do not use this on production environments!

Ubuntu

On a fresh updated Ubuntu.

apt update
apt install -y python3.6 python3-pip
git nmap git clone –recurse-submodules https://github.com/aas-n/spraykatz.git
cd spraykatz
pip3 install -r requirements.txt

Also Read – Silver : Mass Scan IPs For Vulnerable Services

Using Spraykatz

A quick start could be:

./spraykatz.py -u H4x0r -p L0c4L4dm1n -t 192.168.1.0/24

Mandatory Arguments

SwitchesDescription
-u, –usernameUser to spray with. He must have admin rights on targeted systems in order to gain remote code execution.
-p, –passwordUser’s password or NTLM hash in the LM:NT format.
-t, –targetsIP addresses and/or IP address ranges. You can submit them via a file of targets (one target per line), or inline (separated by commas).

Optional Arguments

SwitchesDescription
-d, –domainUser’s domain. If he is not member of a domain, simply use -d . instead.
-v, –verbosityVerbosity mode {warning, info, debug}. Default == info.
R K

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

1 day ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

1 day ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

1 day ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

1 day ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

1 day ago

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…

1 day ago