Update README.md

:)
Merge pull request #6 from 0xVoodoo/katz2
2026-05-05 23:38:25 +00:00 · 2025-02-21 18:47:44 -07:00 · 2025-02-21 18:46:48 -07:00 · 2025-01-31 13:04:06 -07:00
3 changed files with 83 additions and 1 deletions
@@ -1,6 +1,6 @@
 # Misadventures
 This is a set of Red and Purple team tools I've developed, mostly just for fun, but some may find them useful.

-Feel free to leave tips, comments, or suggestion in the comments, on my website at https://fr3ki.xyz or my twitter @Fr3ki_
+Feel free to leave tips, comments, or suggestion in the comments, on my website at https://0xVoodoo.sh

 Licence: https://www.gnu.org/licenses/gpl-3.0.html
@@ -0,0 +1,14 @@
+# Katz^2
+Katz Squared is a small python parser for Mimikatz log files, allowing for username/hash combos to be written to txt files, ready for use with Hashcat (you get the joke yet?) or John.
+
+---
+
+Usage: `katz2.py [-h] -f/--file -m/--mode`
+-
+**Modes:** 
+ - logonpasswords - Used for files containing the output of the mimikatz module of the same name.
+ - cache -- Used for files containing the output of the lsadump::cache mimikatz module
+ ---
+ **License:**
+ 
+ GPLv3 as all good software should be.
@@ -0,0 +1,68 @@
+import argparse
+
+parser = argparse.ArgumentParser()
+parser.add_argument("-f", "--file", help="Mimikatz output file", required=True)
+parser.add_argument("-m", "--mode", help="Mimikatz mode used to obtain the output logonpasswords|cache", required=True)
+args = parser.parse_args()
+
+def dump(creds):
+    if isinstance(creds, list) and len(creds) >= 2:
+        username = creds[0]
+        hsh = creds[1]
+        dumpfile = username+".txt"
+        with open(dumpfile, "w+") as df:
+            df.write(hsh)
+    else:
+        pass
+
+def sekurlsa():
+    filename = args.file
+    creds = []
+    with open(filename) as f:
+        for line in f:
+            if "authentication" in line.lower():
+                dump(creds)
+                creds = []
+            elif "username" in line.lower():
+                username = line.split(":")[1].strip()
+                if username.lower() in creds or username.lower() == "(null)":
+                    pass
+                else:
+                    creds.append(username.lower())
+            elif "ntlm" in line.lower():
+                ntlm = line.strip().split(":")[1].strip()
+                if ntlm in creds:
+                    pass
+                else:
+                    creds.append(ntlm)
+
+def cache():
+    filename = args.file
+    creds = []
+    with open(filename) as f:
+        for line in f:
+            if "nl$" in line.lower():
+                print(creds)
+                dump(creds)
+                creds = []
+            elif "user" in line.lower():
+                username = line.split(":")[1].strip()
+                if username.lower() in creds or username.lower() == "(null)":
+                    pass
+                else:
+                    creds.append(username.lower())
+            elif "mscachev2" in line.lower():
+                mscache = line.strip().split(":")[1].strip()
+                if mscache in creds:
+                    pass
+                else:
+                    creds.append(mscache)
+
+    print("[+] Credential pairs written to disk")
+
+if __name__ == "__main__":
+    match args.mode:
+        case "logonpasswords":
+            sekurlsa()
+        case "cache":
+            cache()
Author	SHA1	Message	Date
0xvoodoo	25b5d1a0af	Update README.md :)	2026-05-05 23:38:25 +00:00
0xVoodoo	fd06885fe5	Merge pull request #6 from 0xVoodoo/katz2 Creation of Katz^2	2025-02-21 18:47:44 -07:00
Fr3ki	c16d55fd32	Creation of Katz^2	2025-02-21 18:46:48 -07:00
Fr3ki	a7195c8a87	Merge pull request #5 from Fr3ki/Goose_DropperV2.1 Goose Dropper V2.1	2025-01-31 13:04:06 -07:00