# lsass-dump


Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

C# 675
4 months ago

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

C# 506
4 months ago

LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.

Rust 365
5 months ago

This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callback...

C++ 207
1 year ago

Hidedump: a lsassdump tool that may bypass EDR

C 51
1 year ago

"D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. It...

C++ 26
1 year ago

By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be bypassed—restoring cleartext credentials despite the protection ap...

C++ 10
4 months ago