September 20, 2021 at 09:45PM

■■■■■ A (v3.5 compatible) .NET tool for stealing and importing certificates in the Windows certificate store without touching disk. Useful for red team operations where you need to poach a certificate for pivoting purposes and want to do so with an in-memory post-ex payload.

This is similar to Benjamin Delpy’s Mimikatz.