mimikittenz – Extract Plain-Text Passwords From Memory

The New Acunetix V12 Engine


mimikittenz is a post-exploitation powershell tool that utilizes the Windows function ReadProcessMemory() in order to extract plain-text passwords from various target processes.

mimikittenz - Extract Plain-Text Passwords From Memory

The aim of mimikittenz is to provide user-level (non-admin privileged) sensitive data extraction in order to maximise post exploitation efforts and increase value of information gathered per target.

NOTE: This tool is targeting running process memory address space, once a process is killed it’s memory ‘should’ be cleaned up and inaccessible however there are some edge cases in which this does not happen.

Features

Currently mimikittenz is able to extract the following credentials from memory:


Webmail

  • Gmail
  • Office365
  • Outlook Web

Accounting

  • Xero
  • MYOB

Remote Access

  • Juniper SSL-VPN
  • Citrix NetScaler
  • Remote Desktop Web Access 2012

Development

  • Jira
  • Github
  • Bugzilla
  • Zendesk
  • Cpanel

IHateReverseEngineers

  • Malwr
  • VirusTotal
  • AnubisLabs

Misc

  • Dropbox
  • Microsoft Onedrive
  • AWS Web Services
  • Slack
  • Twitter
  • Facebook

You can download mimikittenz here:

Invoke-mimikittenz.ps1

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking

, ,


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


Comments are closed.