-
Notifications
You must be signed in to change notification settings - Fork 384
live dpapi cred command
skelsec edited this page Apr 14, 2021
·
1 revision
Decrypts a credential file using the current user's context.
It has the plaintext secrets, but it's not possible to tell in which filed they are stored. You'll need to check them by hand :)
- The credential file
None
None
-
pypykatz live dpapi cred CREDFILE: Decrypts the credentials file.