lsass
Here are 37 public repositories matching this topic...
Extract Windows credentials directly from VM memory snapshots and virtual disks
- Rust
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
- C#
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
- C#
🔥📜 Forbidden collection of Red Team sorcery 📜🔥
- C
KslDump — Why bring your own knife when Defender already left one in the kitchen?
- Python
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
- C#
Dumping LSASS with a duplicated handle from custom LSA plugin
- C#
Dumping Windows Local Credentials Tools/Tricks
- PowerShell
Windows NTLM hash dump utility written in C that supports Windows and Linux. Hashes can be dumped in real time or from already saved SAM and SYSTEM hives.
- C
Windows Hardening PowerShell Scripts
- PowerShell
By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be bypassed—restoring cleartext credentials despite the protection appearing active. Requires SYSTEM-level access and targets VBS-based defenses.
- C++
A plugin for x64dbg that allows you to hook the Local Security Authority Subsystem Service process to extract all possible TLS (On handshake, Import, Export or Generate) keys from the operating system using the SeDebugPrivilege escalation to make malware analysis faster and easier.
- CMake
