Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
Updated Apr 27, 2024 - C#
Hidedump: an lsassdump tool that may bypass EDR
"D3MPSEC" is a memory dumping tool designed to extract a memory dump from the Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.