LSASS process dumper with (mostly) NT API indirect syscalls. Currently undetected under many AV/EDR solutions.
.\NtDump.exe (Get-Process lsass).Id path_to_dumpflorylsk/NtDump
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
| Name | Name | Last commit date | ||
|---|---|---|---|---|
LSASS process dumper with (mostly) NT API indirect syscalls. Currently undetected under many AV/EDR solutions.
.\NtDump.exe (Get-Process lsass).Id path_to_dump