mendax0110/lsassDumper

lsassDumper

LsassDumper is a utility designed to dump the Local Security Authority Subsystem Service (LSASS) process memory to a file. This can be useful for security analysis or debugging purposes.

Features

  • Enable Debug Privilege: Automatically enables the SE_DEBUG_NAME privilege required to access LSASS.
  • Modify LSA Protection: Temporarily disables LSA protection to allow for dumping.
  • Admin Check: Ensures the program is run with administrative privileges.
  • Dump LSASS: Dumps the LSASS process memory to a specified file.
  • Restore LSA Protection: Re-enables LSA protection after dumping.
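From the defender's side, the behaviours in the feature list leave telemetry that can be correlated. The following is an added example, not code from this repository. It assumes Sysmon-style records (event ID 13 for registry value sets, event ID 10 for process access), assumes LSA protection is toggled through the RunAsPPL registry value (the README does not say how), and runs over constructed sample events.

```python
from datetime import datetime, timedelta

# Assumption: LSA protection is toggled via this value (not stated in the README).
RUNASPPL = r"hklm\system\currentcontrolset\control\lsa\runasppl"
PROCESS_VM_READ = 0x0010  # access right needed to read another process's memory

def ts(e):
    return datetime.fromisoformat(e["UtcTime"])

def ppl_disabled(e):
    # Sysmon 13 (registry value set): RunAsPPL written as DWORD 0
    return (e["EventID"] == 13 and e["TargetObject"].lower() == RUNASPPL
            and e["Details"].strip().lower() == "dword (0x00000000)")

def lsass_read(e):
    # Sysmon 10 (process access): handle on lsass.exe that allows memory reads
    return (e["EventID"] == 10
            and e["TargetImage"].lower().endswith("\\lsass.exe")
            and bool(int(e["GrantedAccess"], 16) & PROCESS_VM_READ))

def correlate(events, window=timedelta(minutes=5)):
    """One alert per lsass read: 'high' when the same image switched RunAsPPL
    off within `window` before the read, otherwise 'medium'."""
    alerts, disabled_by = [], {}
    for e in sorted(events, key=ts):
        if ppl_disabled(e):
            disabled_by[e["Image"].lower()] = ts(e)
        elif lsass_read(e):
            t0 = disabled_by.get(e["SourceImage"].lower())
            sev = "high" if t0 is not None and ts(e) - t0 <= window else "medium"
            alerts.append((sev, e["SourceImage"], e["UtcTime"]))
    return alerts

# Constructed sample events (paths and timestamps are illustrative only).
KEY = r"HKLM\System\CurrentControlSet\Control\Lsa\RunAsPPL"
TOOL = r"C:\Temp\lsassDumper.exe"
LSASS = r"C:\Windows\System32\lsass.exe"
SAMPLE_EVENTS = [
    {"EventID": 13, "UtcTime": "2024-01-01 10:00:00.000", "Image": TOOL,
     "TargetObject": KEY, "Details": "DWORD (0x00000000)"},
    {"EventID": 10, "UtcTime": "2024-01-01 10:00:02.000", "SourceImage": TOOL,
     "TargetImage": LSASS, "GrantedAccess": "0x1FFFFF"},
    {"EventID": 13, "UtcTime": "2024-01-01 10:00:05.000", "Image": TOOL,
     "TargetObject": KEY, "Details": "DWORD (0x00000001)"},
    {"EventID": 10, "UtcTime": "2024-01-01 10:01:00.000",
     "SourceImage": r"C:\Windows\System32\svchost.exe",
     "TargetImage": LSASS, "GrantedAccess": "0x1000"},
]
```

The last sample event requests only limited query access, so it produces no alert. A production rule would also need an allowlist for security products that legitimately read LSASS memory.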

Usage

To use LsassDumper, follow these steps:

Build Instructions

  1. Clone the repository
     git clone https://github.com/mendax0110/lsassDumper.git
  2. Change directory to the cloned repository
     cd lsassDumper
  3. Create the build directory
     mkdir build
  4. Change directory to the build directory
     cd build
  5. Generate the CMake build files
     cmake ..
  6. Build the project
     cmake --build .

Usage

lsassDumper.exe -p <dump file path>

Supported Platforms

  • Windows