diff --git a/pkgs/tools/security/creddump/default.nix b/pkgs/tools/security/creddump/default.nix
new file mode 100644
index 000000000000..d37c58a51591
--- /dev/null
+++ b/pkgs/tools/security/creddump/default.nix
@@ -0,0 +1,36 @@
+{ stdenv, fetchFromGitLab, python2, python2Packages }:
+
+python2Packages.buildPythonApplication rec {
+  pname = "creddump";
+  version = "0.3";
+
+  src = fetchFromGitLab {
+    owner = "kalilinux";
+    repo = "packages/creddump";
+    # url-encoding workaround: https://github.com/NixOS/nixpkgs/issues/65796#issuecomment-517829019
+    rev = "debian%2F${version}-1kali2"; # %2F = urlquote("/")
+    sha256 = "0r3rs2hggsvv619l3fh3c0jli6d3ryyj30ni3hz0nz670z5smzcf";
+  };
+
+  # No setup.py is available
+  dontBuild = true;
+  doCheck = false;
+  propagatedBuildInputs = [ python2Packages.pycrypto ];
+
+  installPhase = ''
+    mkdir -p ${placeholder "out"}/bin
+    cp -r framework ${placeholder "out"}/bin/framework
+    cp pwdump.py ${placeholder "out"}/bin/pwdump
+    cp cachedump.py ${placeholder "out"}/bin/cachedump
+    cp lsadump.py ${placeholder "out"}/bin/lsadump
+  '';
+
+  meta = with stdenv.lib; {
+    description = "Python tool to extract various credentials and secrets from Windows registry hives";
+    homepage = "https://gitlab.com/kalilinux/packages/creddump";
+    license = licenses.gpl3;
+    platforms = platforms.unix;
+    maintainers = [ maintainers.fishi0x01 ];
+  };
+}
+
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index e4a091d967dd..00735014afbc 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -212,6 +212,8 @@ in
 
   onesixtyone = callPackage ../tools/security/onesixtyone {};
 
+  creddump = callPackage ../tools/security/creddump {};
+
   device-tree_rpi = callPackage ../os-specific/linux/device-tree/raspberrypi.nix {};
 
   diffPlugins = (callPackage ../build-support/plugins.nix {}).diffPlugins;