The result ons the number of monomials are obtained by running the code.Abstract from [Dobraunig, C., Rotella, Y., & Schoone, J. (2020). Algebraic and Higher-Order Differential Cryptanalysis of Pyjamask-96. IACR Transactions on Symmetric Cryptology, 2020(1), 289-312. DOI: https://doi.org/10.13154/tosc.v2020.i1.289-312]Cryptographic competitions, like the ongoing NIST call for lightweight cryptography, always provide a thriving research environment, where new interesting ideas are proposed and new cryptographic insights are made.One proposal for this NIST call that is accepted for the second round is Pyjamask.Pyjamask is an authenticated encryption scheme that builds upon two block ciphers, Pyjamask-96 and Pyjamask-128, that aim to minimize the number of AND operations at the cost of a very strong linear layer.A side-effect of this goal is a slow growth in the algebraic degree.In this paper, we focus on the block cipher Pyjamask-96 and are able to provide a theoretical key-recovery attack reaching 14 (out of 14) rounds as well as a practical attack on 8 rounds.We do this by combining higher-order differentials with an in-depth analysis of the system of equations gotten for 2.5 rounds of Pyjamask-96.The AEAD-scheme Pyjamask itself is not threatened by the work in this paper.In order to obtain the theoretical results for the key-recovery attack on 14 rounds, we needed to compute the number of monomials that would be present in the aforementioned system of equations.The deposited code is specifically written with this cipher and goal in mind.It is therefore usable to recheck the results indicated in Section 6.3 of the paper.Furthermore, one can adapt the code to compute the number of monomials present is a similar system of equations for a different cipher.