LSASS needs an IV
Hello all, long time no see! In this article I’ll be showing some weirdness I found while parsing LSASS minidumps (as one does) in the last…
Jun 1, 2022

Duping AV with handles
In this article I’m describing yet another way to bypass AV detection/blocking access to LSASS process for credential dumping.
Nov 15, 2020

Play with katz, get scratched
In this article I’ll show step-by-step how to recover credentials even when Palo Alto’s Cortex XDR is “actively protecting” LSASS. If you…
Nov 6, 2020