A lightweight batch script for extracting saved WiFi profiles and passwords on Windows systems. For authorized security assessments and educational purposes only.
This tool is intended for:
- Penetration testing on systems you own or have written permission to test
- Forensic analysis of your own systems
- Educational purposes in controlled lab environments
Unauthorized use against systems you don't own is illegal.
The script uses legitimate Windows netsh commands to export saved WiFi profiles:
@echo off
cd /d "%~dp0"
mkdir "wifi_dumps" 2>nul
netsh wlan export profile key=clear folder="wifi_dumps" >nul
exit✅ Exports all saved WiFi profiles to XML files
✅ Extracts plaintext passwords (requires admin privileges)
✅ Silent operation with no console output
✅ Creates organized output folder
✅ Windows 7/8/10/11
✅ Administrator privileges
✅ Previously connected WiFi networks
✅ Run as Administrator
✅ Script creates wifi_dumps folder in the same directory
✅ Find exported profiles as Wi-Fi-*.xml files
✅ Monitor for netsh wlan export command execution
✅ Look for rapid creation of XML files in unusual locations
✅ Windows Event ID 4688 (Process Creation)
✅ Remove stored WiFi profiles when not needed
✅ Use netsh wlan delete profile name="*"
✅ Limit admin privileges
LaZagne - Multi-platform credential recovery
Mimikatz - Windows security testing