Create a minidump of the LSASS process from memory (Windows 10 - Windows Server 2016). The entire process uses: dynamic API calls, direct syscall and Native API unhooking to evade the AV / EDR detection.
SharpMiniDump is a rough port of this project Dumpert by @Cn33liz and you will find the detail in this post, so BIG credits to him.
Other credits go to @cobbr_io and @TheRealWover for their work on SharpSploit (Execution / DynamicInvoke)