There are many version of Mimikatz, and today I’d like to share a C# port, “SharpKatz”.
The tool implements the Sekurlsa module of Mimikatz used for attacks such as pass-the-hash and pass-the-ticket, and provides the following functions:
- list of Kerberos encryption keys
- retrieve of user credentials from credential authentication providers (MSV, Kerberos, TSPKG, Windows Credential Manager, and WDigest)
- dump of user credentials by username
- dump of user credentials by GUID
- export the entire dataset from Active Directory to a file created in the current user's temp folder