all InfoSec news
DuplicateDump - Dumping LSASS With A Duplicated Handle From Custom LSA Plugin
May 11, 2022, 9:30 p.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
DuplicateDump is a fork of MirrorDump with following modifications:
- DInovke implementation
- LSA plugin DLL written in C++ which could be clean up after dumping LSASS. MirrorDump compile LSA plugin as .NET assembly which would not be unloaded by LSASS process. That's why MirrorDump failed to delete the plugin.
- PID of dump process (i.e., DuplicateDump) is shared to LSA plugin through named pipe
- Passing value "0" instead of LSASS PID to MiniDumpWriteDump. This prevent MiniDumpWriteDump from opening its own handle to …
More from www.kitploit.com / KitPloit - PenTest Tools!
VectorKernel - PoCs For Kernelmode Rootkit Techniques Research
1 day, 15 hours ago |
www.kitploit.com
Cookie-Monster - BOF To Steal Browser Cookies & Credentials
2 days, 15 hours ago |
www.kitploit.com
Sicat - The Useful Exploit Finder
1 week, 3 days ago |
www.kitploit.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Junior Cybersecurity Triage Analyst
@ Peraton | Linthicum, MD, United States
Associate Director, Operations Compliance and Investigations Management
@ Legend Biotech | Raritan, New Jersey, United States
Analyst, Cyber Operations Engineer
@ BlackRock | SN6-Singapore - 20 Anson Road
Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)
@ AVL | Regensburg, DE