Hekatomb

Description

Hekatomb is a Python script that connects to an LDAP directory to retrieve information on all computers and users. It then downloads all DPAPI blobs of all users from all computers. Finally, it extracts the domain controller private key through RPC and uses it to decrypt all credentials.

Names

Name
Hekatomb

Category

Tools

Type

  • Credential stealer

Information

Other Information

Uuid

8bc73d19-39c1-47d6-afcc-1bf3f8227032

Last Card Change

2023-11-29