Packages and Binaries:


Implement all the DPAPI logic of SharpDPAPI and DPAPI, usable with a Python interpreter.

Installed size: 276 KB
How to install: sudo apt install python3-dploot

  • python3
  • python3-cryptography
  • python3-impacket
  • python3-lxml
  • python3-pyasn1
root@kali:~# dploot -h
usage: dploot [-h] [-debug] [-quiet]

DPAPI looting remotely in Python. Version 2.7.2

positional arguments:
    certificates        Dump users certificates from remote target
    credentials         Dump users Credential Manager blob from remote target
    masterkeys          Dump users masterkey from remote target
    vaults              Dump users Vaults blob from remote target
    backupkey           Backup Keys from domain controller
    rdg                 Dump users saved password information for
                        RDCMan.settings from remote target
    sccm                Dump SCCM secrets (NAA, Collection variables, tasks
                        sequences credentials) from remote target
    triage              Loot Masterkeys (if not set), credentials, rdg,
                        certificates, browser and vaults from remote target
    machinemasterkeys   Dump system masterkey from remote target
    machinecredentials  Dump system credentials from remote target
    machinevaults       Dump system vaults from remote target
                        Dump system certificates from remote target
    machinetriage       Loot SYSTEM Masterkeys (if not set), SYSTEM
                        credentials, SYSTEM certificates and SYSTEM vaults
                        from remote target
    browser             Dump users credentials and cookies saved in browser
                        from remote target
    wifi                Dump wifi profiles from remote target
    mobaxterm           Dump Passwords and Credentials from MobaXterm

  -h, --help            show this help message and exit
  -debug                Turn DEBUG output ON
  -quiet                Only output dumped credentials

Updated on: 2024-May-28