NetExec icon indicating copy to clipboard operation
NetExec copied to clipboard
verified publisher icon Pennyw0rth

Considering adding NativeDump

Open FLX-0x00 opened this issue 6 months ago • 3 comments

https://github.com/ricardojoserf/NativeDump

Only want to bring this project to attention. It has different flavor branches for other languages. The project uses native NT API calls which are harder to keep track for EDR systems.

FLX-0x00 avatar Jun 20 '25 11:06 FLX-0x00

This looks like it's all ran locally, are the methods it uses available through remote APIs?

Marshall-Hallenbeck avatar Jun 20 '25 16:06 Marshall-Hallenbeck

Only as a smb module idea like nanodump, etc

FLX-0x00 avatar Jun 20 '25 16:06 FLX-0x00

My bet is that this should be PR'ed to Lsassy directly which is designed to handle all types of LSASS dump techniques ^^

Dfte avatar Jul 16 '25 11:07 Dfte