pypykatz_wasm: pypykatz in your browser
pypykatz_wasm
The pypykatz project’s LSASS and Registry HIVE parsing capability is now in your web browser!
How does it work
There is an awesome project called pyodide which aims to have a fully working Python 3 interpreter running in WebAssembly.
WebAssembly, in a nutshell, allows your C/C++/Go/… code to be compiled to a binary file which the JS engine in your browser can execute. Interfacing is via JavaScript (creeps me out tho).
The pyodide framework allows additional Python packages to be included, so I made some extensions to pypykatz to make it play better with WebAssembly's interfaces (mostly adding byte-input based parsing) and asked ppl from thugcrowd to design a cool looking WebUI for it. When opening the page, the JS kicks in and loads Python, which includes all necessary modules to run pypykatz. Then you'll need to point it to the files you wish to parse. This will make the browser read the file and store it in a JS variable, which will get passed to the Python engine and then to pypykatz. Easy. Pypykatz will then parse the file, store the output JSON in a global variable, then switch back to the JS engine in your browser, which will render the results from the said variable.
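The handoff described above, sketched as an added example (not the project's own code). It assumes a current Pyodide instance obtained from `loadPyodide()` with pypykatz installed, and that `pypykatz.parse_minidump_bytes` is the byte-input entry point; the names `PARSE_SRC`, `dump_bytes` and `result_json` are illustrative. It also clears the dump and the parsed output from the interpreter's globals once the result has been read.

```javascript
// Added example. Assumes: Pyodide's globals proxy (get/set/has/delete) and
// runPython(); pypykatz importable inside the interpreter.

// Python side: turn the JS buffer into bytes, parse, leave JSON in a global.
const PARSE_SRC = `
from pypykatz.pypykatz import pypykatz
_data = bytes(dump_bytes.to_py())   # JS Uint8Array -> Python bytes
result_json = pypykatz.parse_minidump_bytes(_data).to_json()
del _data
`;

// Step 1 (browser): read the user-selected File into a JS variable.
async function readFileBytes(file) {
  return new Uint8Array(await file.arrayBuffer());
}

// Steps 2-4: pass the bytes to Python, run the parser, read the JSON back.
function parseDump(pyodide, bytes, src = PARSE_SRC) {
  if (!(bytes instanceof Uint8Array) || bytes.length === 0) {
    throw new TypeError("expected a non-empty Uint8Array");
  }
  pyodide.globals.set("dump_bytes", bytes);
  try {
    pyodide.runPython(src);
    const json = pyodide.globals.get("result_json");
    if (typeof json !== "string") {
      throw new Error("parser left no JSON result");
    }
    return JSON.parse(json);
  } finally {
    // Neither the dump nor its parsed secrets should linger in the
    // interpreter's globals, whether parsing succeeded or failed.
    for (const name of ["dump_bytes", "result_json"]) {
      if (pyodide.globals.has(name)) pyodide.globals.delete(name);
    }
  }
}
```

Values in the returned object originate from the parsed file, so a page rendering them should assign them with `textContent` rather than building HTML strings.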