Deft_

Results 105 comments of Deft_

Hey dude! Really nice PR! Is there a way you can retrieve the event log files without running an additional execute() operation?

Amazing!!! To be honest I'd rather have RPC being the default one as it will improve stealthiness and allow an attacker to dump credentials without raising alerts because of the execute...

Hey man! First, thanks for the PR. That is something I thought was missing as well. That said, I'd not print the [HISTORY] block as it breaks the NT hash...

Other than the [HISTORY] thing and the white spaces, looks good to me: ![image](https://github.com/user-attachments/assets/5342b2fd-1f08-492e-b659-5af65183cdbd)

Thank you very much, ![image](https://github.com/user-attachments/assets/080b0829-0591-4265-9069-9cee7c8160a1) Looks good to me :)

My bet is that this should be PR'ed to Lsassy directly which is designed to handle all types of LSASS dump techniques ^^

With the latest commits, -h will print protocol available modules: While -M module -h will print available options:

These commits allow running 3 modules entirely (adcs, schtask_as, shadowrdp):

These commits refactor cli.py and loadermodule so that cli.py retrieves the list of modules from loadermodule.py. It also makes sure that loaded modules do have specific attributes.

Okay! I'll roll back the things you mentioned so that it matches the current state :)!