• Stars
    star
    204
  • Rank 192,063 (Top 4 %)
  • Language
    PowerShell
  • License
    MIT License
  • Created about 6 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PowerShell module for Mimikatz

poshkatz

poshkatz is a PowerShell module for Mimikatz that has a number of cool features!

Brought to you by:
Adam Driscoll
Lee Berg

Features

Mimiktaz tab expansion "autocomplete"

Autocompletes mimikatz commands, parameters and paramter values.

Cmdlet wrappers for Mimikatz features

  • Export-MKKerberosTicket
  • Get-MKCredentialVault
  • Get-MKCredentialVaultCredential
  • Get-MKKerberosTicket
  • Get-MKLogonPassword
  • Get-MKLsaCache
  • Get-MKLsaSam
  • Get-MKLsaSecret
  • Get-MKTicket
  • Grant-MKKerberosGoldenTicket
  • Invoke-MKDcSync
  • Invoke-MKPassTheHash

Convert Mimikatz output into PowerShell Objects

PS C:\> mimikatz sekurlsa::logonpasswords exit | ConvertFrom-MKOutput -OutputType LogonPasswords


Domain           : Window Manager
NTLMHash         :
UserName         : DWM-1
SID              : S-1-5-90-1
Password         : (null)
LogonTime        : 10/16/2018 11:27:50 AM
SHA1Hash         :
LogonServer      : (null)
AuthenticationId : 0 ; 48064 (00000000:0000bbc0)
Session          : Interactive from 1

Domain           : IRONMAN
NTLMHash         :
UserName         : IRONMANDC1$
SID              : S-1-5-20
Password         : (null)
LogonTime        : 10/16/2018 11:27:50 AM
SHA1Hash         :
LogonServer      : (null)
AuthenticationId : 0 ; 996 (00000000:000003e4)
Session          : Service from 0

Getting Started

  1. Install git
  2. Install posh-git via PowerShell

    install-module posh-git

  3. Build or Download a fresh copy of mimikatz
  4. Ensure mimikatz.exe is in your environmental PATH variables
  5. Import the poshkatz module

    Import-Module poshkatz.psd1

  6. Have some fun

    Get-MKLogonPassword

Shout out

This project was heavily based on posh-git.