{"id":22226575,"url":"https://github.com/5fingers/lsaexplorer","last_synced_at":"2026-04-13T18:03:26.263Z","repository":{"id":265855080,"uuid":"896741695","full_name":"5Fingers/LSAExplorer","owner":"5Fingers","description":"A .NET tool for interacting with Windows LSA secrets, manipulating privileges, and token impersonation","archived":false,"fork":false,"pushed_at":"2024-12-01T07:39:15.000Z","size":9,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-25T08:42:38.281Z","etag":null,"topics":["dotnet","local-security-authority","lsa","windows"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/5Fingers.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-01T07:14:39.000Z","updated_at":"2024-12-01T07:43:28.000Z","dependencies_parsed_at":null,"dependency_job_id":"1a764ba4-7e0a-4f37-b995-8d1f8494c294","html_url":"https://github.com/5Fingers/LSAExplorer","commit_stats":null,"previous_names":["5fingers/lsaexplorer"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/5Fingers/LSAExplorer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5Fingers%2FLSAExplorer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5Fingers%2FLSAExplorer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5Fingers%2FLSAExplorer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5Fingers%2FLSAExplorer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/5Fingers","download_url":"https://codeload.github.com/5Fingers/LSAExplorer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/5Fingers%2FLSAExplorer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31764317,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-13T15:25:13.801Z","status":"ssl_error","status_checked_at":"2026-04-13T15:25:09.162Z","response_time":93,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dotnet","local-security-authority","lsa","windows"],"created_at":"2024-12-03T00:30:58.451Z","updated_at":"2026-04-13T18:03:26.253Z","avatar_url":"https://github.com/5Fingers.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"![version](https://img.shields.io/badge/version-1.0-blue)\n![python versions](https://img.shields.io/badge/.NET-\u003e=4.7.2-blue)\n[![Windows](https://img.shields.io/badge/os-windows-yellow)](https://github.com/scito/extract_otp_secrets/releases/latest)\n# LSAExplorer\n\nLSAExplorer is a C# .NET tool designed to interact with the Windows Local Security Authority (LSA), manipulate privileges, impersonate tokens, and access sensitive registry secrets. It provides detailed insights into LSA secrets and allows for privilege elevation for advanced operations.\n\n---\n\n## Features\n\n- **LSA Secret Management**: Access and retrieve sensitive LSA secrets and their timestamps from the registry.\n- **Privilege Elevation**: Elevate the current process to SYSTEM-level privileges using token manipulation.\n- **Token Impersonation**: Open and duplicate tokens to impersonate logged-on users.\n- **Registry Secret Access**: Interact with and retrieve registry keys under `HKLM\\SECURITY\\Policy\\Secrets`.\n- **Winlogon Process Query**: Automatically locate the `winlogon` process ID for SYSTEM impersonation.\n\n---\n\n## Usage\n\n1. Clone the repository:\n   ```bash\n   git clone https://github.com/yourusername/LSAExplorer.git\n   cd LSAExplorer\n   ```\n\n2. Open the solution in **Visual Studio**.\n\n3. Build the project for your target platform (x64/x86).\n\n4. Run the compiled executable with Administrator privileges.\n\n5. Launch the executable with elevated privileges:\n   ```bash\n   LSAExplorer.exe\n   ```\n\n6. The tool will:\n   - Attempt to open and query registry keys under `HKLM\\SECURITY\\Policy\\Secrets`.\n   - Elevate privileges to SYSTEM if required (optional).\n   - Read and display LSA secrets, including current and old values along with timestamps.\n\n7. Logs and output will be displayed in the console.\n\n---\n\n## Disclaimer\n\nThis tool is intended for **Ethical and Educational Use Only!**\u003cbr\u003e Use it only in environments where you have explicit permission to perform security operations.\u003cbr\u003e The author are not liable for any misuse or damages caused by this tool.\n\n---\n\n## License\n\nLSAExplorer is released under the [MIT License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F5fingers%2Flsaexplorer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F5fingers%2Flsaexplorer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F5fingers%2Flsaexplorer/lists"}