Tagged: credential dumping
DumpGuard BOF: Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems. This repository contains a Beacon Object File (BOF) implementation of DumpGuard, ported from the original C#/.NET implementation to...
DumpGuard is a credential dumping tool that can extract the NTLMv1 hashes of users on modern Windows systems. The tool relies on the Remote Credential Guard protocol, and allows credential dumping even when Credential Guard is enabled on...
NativeDump allows dumping the lsass process using only NTAPIs, generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List streams). NTOpenProcessToken...
wcreddump: On one hand, SAM dumping tools are widely used, but surprisingly not very automated. On the other hand, WINHELLO PIN-dumping tools barely exist. This simple and lightweight Python script is made to automate...