all InfoSec news
Nanodump - A Crappy LSASS Dumper With No ASCII Art
May 1, 2022, 9:30 p.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
A flexible tool that creates a minidump of the LSASS process.
1. Features
- It uses syscalls (with SysWhispers2) for most operations.
- Syscalls are called from an ntdll address to bypass some syscall detections.
- It sets the syscall callback hook to NULL.
- Windows APIs are called using dynamic invoke.
- You can choose to download the dump without touching disk or write it to a file.
- The minidump by default has an invalid signature to avoid detection.
- It reduces the size …
art ascii lsass mimikatz nanodump syscalls userland windows windows exploitation
More from www.kitploit.com / KitPloit - PenTest Tools!
Jobs in InfoSec / Cybersecurity
XDR Detection Engineer
@ SentinelOne | Italy
Security Engineer L2
@ NTT DATA | A Coruña, Spain
Cyber Security Assurance Manager
@ Babcock | Portsmouth, GB, PO6 3EN
Senior Threat Intelligence Researcher
@ CloudSEK | Bengaluru, Karnataka, India
Cybersecurity Analyst 1
@ Spry Methods | Washington, DC (Hybrid)
Security Infrastructure DevOps Engineering Manager
@ Apple | Austin, Texas, United States