b4rtik 7129fe8411 Add PssCaptureSnapshot 2019-12-03 22:59:38 +01:00
SharpMiniDump Add PssCaptureSnapshot 2019-12-03 22:59:38 +01:00
.gitattributes Initial commit 2019-09-15 14:30:45 +02:00
.gitignore Initial commit 2019-09-15 14:30:45 +02:00
LICENSE Initial commit 2019-09-15 14:30:45 +02:00
README.md First commit 2019-09-15 15:37:21 +02:00
SharpMiniDump.sln First commit 2019-09-15 15:37:21 +02:00

README.md

SharpMiniDump

Create a minidump of the LSASS process from memory (Windows 10 - Windows Server 2016). The entire process uses dynamic API calls, direct syscalls and Native API unhooking to evade AV / EDR detection.

SharpMiniDump is a rough port of the Dumpert project by @Cn33liz, and you will find the details in this post, so BIG credits to him.

Other credits go to @cobbr_io and @TheRealWover for their work on SharpSploit (Execution / DynamicInvoke).