Releases: Offensive-Panda/ShadowDumper

LsassDumpingV2.0

02 Mar 09:03
f7a5022

Version: v2.0
Compatibility: Windows (x64) [tested with x64 build] on Windows 10 Version 22H2 (OS build 19045.5487) with major 10.0
(Note: You may face issues with some methods on the latest releases; this can be due to the version of mimikatz.)

What's Inside:
ShadowDumper.exe: The main executable for dumping lsass memory. (x64 build)

New Key Features:

Double XOR before writing the dump file to disk.
Token Elevation using Injection
SAM Dumping using Injection
Vault Credential extraction using Injection

LsassDumping

10 Nov 17:44
cce4c77

Version: v1.0
Compatibility: Windows (x64) [tested with x64 build] on Windows 10 Version 22H2 (OS build 19045.5487) with major 10.0
(Note: You may face issues with some methods on the latest releases; this can be due to the version of mimikatz.)

What's Inside:
ShadowDumper.exe: The main executable for dumping lsass memory. (x64 build)

Key Features:
Unhooked Injection (Modified Mimikatz Binary)
Unhooked Injection (Direct Syscalls with MDWD)
Simple MiniDumpWriteDump API
MINIDUMP_CALLBACK_INFORMATION Callbacks
Process Forking Technique
Direct Syscalls with MiniDumpWriteDump
Native Dump with Direct syscalls (Offline Parsing)