https://github.com/p0dalirius/hashes-harvester

Automatically extracts NT and LM hashes from Windows memory dumps based on volatility.
https://github.com/p0dalirius/hashes-harvester

extractor forensics hive lm nt volatility windows

Last synced: about 1 month ago
JSON representation

Automatically extracts NT and LM hashes from Windows memory dumps based on volatility.

• Host: GitHub
• URL: https://github.com/p0dalirius/hashes-harvester
• Owner: p0dalirius
• License: gpl-3.0
• Created: 2021-05-01T06:21:48.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2023-10-01T21:21:32.000Z (about 2 years ago)
• Last Synced: 2024-12-18T18:50:10.616Z (10 months ago)
• Topics: extractor, forensics, hive, lm, nt, volatility, windows
• Language: Shell
• Homepage: https://podalirius.net/
• Size: 223 KB
• Stars: 23
• Watchers: 2
• Forks: 4
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE

Awesome Lists containing this project

README

          
![](./.github/banner.png)



    Automatically extracts NT and LM hashes from Windows memory dumps based on volatility.

    


    

    

    

    




![](./.github/example.png)

## Usage

```

Hashes-Harvester: Automatically extracts NT and LM hashes from Windows memory dumps based on volatility.

Usage : winpass.sh MEMORYFILE

```

## Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.