Skip to content
/ volatility_mimikatz Public

基于volatility框架的mimikatz插件,实现从Windows vista,Windows 7休眠文件中提取明文密码,在原基础上增加Windows 8的支持。

5 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cofarmer/volatility_mimikatz

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
Hibr2Bin.exe
Hibr2Bin.exe
 
 
README.md
README.md
 
 
mimikatz.py
mimikatz.py
 
 

Repository files navigation

volatility_mimikatz

基于volatility框架的mimikatz插件,实现从Windows vista,Windows 7休眠文件中提取明文密码,在原基础上增加Windows 8的支持。 由于volatility目前不支持Win7以上系统的休眠文件的解析,可以通过hibr2bin.exe工具将Win8休眠文件转为原始内存镜像文件,然后通过mimikatz.py插件进行明文密码提取。

参考:

https://github.com/gentilkiwi/mimikatz

https://github.com/RealityNet/hotoloti/tree/master/volatility

About

基于volatility框架的mimikatz插件,实现从Windows vista,Windows 7休眠文件中提取明文密码,在原基础上增加Windows 8的支持。

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages