HEKATOMB

The premium Open Source alternative to BloodHound Enterprise

🎯 Best for: Automating the extraction of stored credentials in large Windows environments.

What is HEKATOMB?

Replaces manual Active Directory credential harvesting with an automated Python-based DPAPI decryption engine. It leverages Domain Backup Keys to extract and decrypt secrets from all domain-joined computers simultaneously.

Tech Stack
Python, Security & Passwords

Why HEKATOMB?

  • Automates complex decryption
  • Retrieves secrets from all users
  • Uses legitimate admin protocols

Limitations

  • Requires high-level privileges
  • Easily detected by EDR
  • Python dependency on target

  • Last Update: 3/4/2026
  • Forks: 59
  • Issues: 2
  • License: GPL-3.0

Financial Leak Detected

Stop the "SaaS Tax"

Your team could be burning cash. Switching to HEKATOMB instantly boosts your runway.

  • Competitor cost: -$1,440 / year (est. based on BloodHound Enterprise)
  • Self-hosted: $0 / year
  • Team size: 10 users
  • Savings: 100%
