C# implementation of mimikatz/pypykatz minidump functionality to get credentials from LSASS dumps.
Usage
procdump64.exe -ma lsass.exe lsass.dmp
C:\minidump.exe lsass.dmp
Supported Credentials
- Lsa
- Msv
- Kerberos
- WDigest
- SSP
- TsPkg
- Credman
- Dpapi
- CloudAP
Todo
- LiveSSP
- NT5 Support
- x86 Support
Known Bugs
- Not finding all logon sessions
Acknowledgements
Minidump is based on the following projects and the work by the creators