Skip to content
/ DumpThatLSASS Public
forked from peiga/DumpThatLSASS

Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation , it contains Anti-sandbox , if you run it under unperformant Virtual Machine you need to uncomment the code related to it and recompile.

0 stars 79 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

iMHLv2/DumpThatLSASS

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
MiniDump
MiniDump
 
 
README.md
README.md
 
 

Repository files navigation

DumpThatLSASS

It's Fully Undetectable and bypass almost all the vendors AV/EDRs, it doesn't bypass RunAsPPL

Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation, duplicate lsass handle from existed processes.

The execution may take time, bcz of sandboxing check

MiniLSASS

DumpThatLsass

About

Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation , it contains Anti-sandbox , if you run it under unperformant Virtual Machine you need to uncomment the code related to it and recompile.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C++ 100.0%