lsass

There are 24 repositories under the lsass topic.

  • fortra/nanodump

    The swiss army knife of LSASS dumping

    Language: C
  • aas-n/spraykatz

    Credentials gathering tool automating remote procdump and parse of lsass process.

    Language: Python
  • ricardojoserf/NativeDump

    Dump lsass using only Native APIs by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

    Language: C#
  • ricardojoserf/TrickDump

    Dump lsass using only NTAPIs running 3 programs to create 3 JSON and 1 ZIP file... and generate the MiniDump later!

    Language: C#
  • CCob/MirrorDump

    Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory

    Language: C#
  • kindtime/nosferatu

    Windows NTLM Authentication Backdoor

    Language: C++
  • Hagrid29/DuplicateDump

    Dumping LSASS with a duplicated handle from custom LSA plugin

    Language: C#
  • TheKingOfDuck/hashdump

    Dumping Windows Local Credentials Tools/Tricks

    Language: PowerShell
  • jbaines-r7/dellicious

    Enabled / Disable LSA Protection via BYOVD

    Language: C++
  • Retr0-code/hash-dumper

    Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already saved SAM and SYSTEM hives.

    Language: C
  • cl4ym0re/sysMiniDumpWD

    A lsass dump tool using MiniDumpWriteDump & syscall(NtOpenProcess) technique. only tested on windows 11 with defender enabled:-)

    Language: C
  • jkerai1/WindowsHardeningScripts

    Windows Hardening Powershell Scripts

    Language: PowerShell
  • lassehauballe/Shellcode-Minidumpwritedump

    Shellcode for creating a minidump file of the lsass.exe process.

    Language: Python
  • keowu/WinHandKill

    A plugin for x64dbg that allows you to hook the Local Security Authority Subsystem Service process to extract all possible TLS(On handshake, Import, Export or Generate) keys from the operating system using the SeDebugPrivilege escalation to make malware analysis faster and easier.

    Language: CMake
  • zodi4cx/OpenSesame

    A bootkit to bypass Windows login (WIP)

    Language: Rust
  • saif-mahmud/Crypto-Lab

    CSE 4118 Cryptography and Security Lab

    Language: C++
  • dvs17/mimicom

    Dump lsass with windows client and extract creds with pypykatz

    Language: Python
  • FOGSEC/SafetyKatz

    SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

    Language: C#
  • k4sth4/lsass-dump

    Dump Hashes From lsass

  • okankurtuluss/LSASSExtractor

    LSASSExtractor is a lightweight tool designed to capture memory dumps of the LSASS process on Windows systems. By leveraging the Windows API, it locates the target process and creates a memory dump, which can be analyzed to extract sensitive information such as passwords, encryption keys, and authentication tokens.

    Language: C++
  • ricardojoserf/lsass-dumper

    Dump lsass.exe generating a file with the hostname and date in txt format using C++.

    Language: C++
  • xiosec/LeakGuard

    LeakGuard is a project to prevent the use of leaked passwords.

    Language: Go
  • mendax0110/lsassDumper

    dump lsass

    Language: C++
  • mazyaar/lsass_memory

    Adversaries commonly abuse the Local Security Authority Subsystem Service (LSASS) to dump credentials for privilege escalation, data theft, and lateral movement. The process is a fruitful target for adversaries because of the sheer amount of sensitive information it stores in memory.