There are many version of Mimikatz, and today I’d like to share a C# port, “SharpKatz”.

SharpKatz has been developed by security researcher b4rtik, and released on Github [1].

The tool implements the Sekurlsa module of Mimikatz used for attacks such as pass-the-hash and pass-the-ticket, and provides the following functions:

  • list of Kerberos encryption keys
  • retrieve of user credentials from credential authentication providers (MSV, Kerberos, TSPKG, Windows Credential Manager, and WDigest)
  • dump of user credentials by username
  • dump of user credentials by GUID
  • export the entire dataset from Active Directory to a file created in the current user's temp folder