๐ 50 Methods For Lsass Dump.
This article introduces 50 methods for extracting authentication data from LSASS memory:
https://redteamrecipe.com/50-methods-for-lsass-dumprtc0002
#Pentest #AD
@geekcode ๐ต๏ธโโ๏ธ
Without going too deep into theory, Local Security Authority Subsystem Service (also known as LSASS) is a process (executable file C:\Windows\System32\lsass.exe) responsible for managing various authentication subsystems of the #Windows OS. Among his tasks: checking the โcredsโ of local and domain accounts during various scenarios of requesting access to the system, generating security tokens for active user sessions, working with Security Support Providers (SSP), etc.
This article introduces 50 methods for extracting authentication data from LSASS memory:
https://redteamrecipe.com/50-methods-for-lsass-dumprtc0002
#Pentest #AD
@geekcode ๐ต๏ธโโ๏ธ