DonPAPI is a Dumping DPAPI Credz Remotely. DPAPI Dumping Lots of credentials are protected by DPAPI. We aim at locating those “secured” credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key (protecting TaskScheduled blob) Curently gathered info Windows credentials (Taskscheduled credentials & a lot more) Windows Vaults Windows RDP credentials AdConnect (still …