Link | Nanodump.x64.exe

Creates a minidump of the lsass.exe process.

Clone the official repo and compile with MinGW or MSVC: nanodump.x64.exe

While often used as a BOF, the standalone executable is frequently used in environments where a quick, reliable dump is needed: # Basic usage to dump to a specific file nanodump.x64.exe --write C:\temp\lsass.dmp # Using the Werfault technique for stealth nanodump.x64.exe --werfault --write lsass.dmp Use code with caution. Copied to clipboard How to Defend Against It? For defenders, NanoDump highlights the importance of: LSASS Protection: PPL (Protected Process Light) Creates a minidump of the lsass

MY BAG

SUBTOTAL

PROCEED TO CHECKOUT VIEW SHOPPING BAG
Your shopping bag is empty.
MY WISHLIST
VIEW WISHLIST
Your wishlist is empty.

Thanks for subscribing!

Continue shopping