LSASS process dumper with (mostly) NT API indirect syscalls. Currently undetected under many AV/EDR solutions.
.\NtDump.exe (Get-Process lsass).Id path_to_dump-
Notifications
You must be signed in to change notification settings - Fork 4
florylsk/NtDump
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
Indirect NT syscalls LSASS dumper.
Topics
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published