Skip to main content

Python library to parse remote lsass dumps

Project description


PyPI version Twitter


Python library to remotely extract credentials on a set of hosts. This blog post explains how it works.

This library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz to extract credentials.

Chapters Description
Requirements Requirements to install lsassy from source
Documentation Lsassy documentation
CrackMapExec Module Link to CrackMapExec module included in this repository
Issues Read this before creating an issue
Acknowledgments Kudos to these people and tools
Contributors People contributing to this tool


  • Python >= 3.6


The tool is fully documented in the project's wiki




CrackMapExec module


* Kerberos authentication support (Thank you laxa for PR)
* Add CME module for python3
* Update bloodhound queries for BloodHound3
* Bug fixes

* Multiprocessing support to dump credentials on multiple hosts at a time
* Add new dumping method using "dumpert"
* Can be used as a library in other python projects
* Syntax changed to be more flexible
* Complete code refactoring, way more organized and easy to maintain/extend
* Better error handling
* Complete wiki

* Better execution process : --method flag has been added and described in help text
* Uses random dump name
* Chose between cmd, powershell, dll and/or procdump methods
* CME module is now using light lsassy WMIExec et TASKExec implementation
* Bug fixes

* Built-in lsass dump
** Lsass dump using built-in Windows
** Lsass dump using procdump (using -p parameter)
* Add --dumppath to ask for remote parsing only
* Code refactoring
* Add --quiet to quiet output

* Add BloodHound option to CME module (-o BLOODHOUND=True)
    - Set compromised targets as "owned" in BloodHound
    - Check if compromised users have at least one path to domain admin
* Custom parsing (json, grep, pretty [default])
* New --hashes option to lsassy
* Include CME module in repository
* Add credentials to CME database

First release


  • Impacket
  • SkelSec for Pypykatz, but also for his patience and help
  • mpgn for his help and ideas


Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for lsassy, version 2.1.3
Filename, size File type Python version Upload date Hashes
Filename, size lsassy-2.1.3-py3-none-any.whl (25.9 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size lsassy-2.1.3.tar.gz (20.5 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page