Frog
Yes, the acquisition portion would be done using other tools and would create a full dump file of the current physical memory. Would it be possible through Volatility or any...
Currently I would like to be able to utilize all of the minidump parsing capabilities of a tool called mimikatz (https://tools.thehacker.recipes/mimikatz/modules/sekurlsa/minidump). I do not believe the windows.hashdump/lsadump cover all of...
Do you know if the plugin you created above would work for my scenario? I briefly looked at pypykatz a couple weeks ago but ended up going down a rabbit...
Also, I noticed your dumpscan project; it looks awesome: https://github.com/daddycocoaman/dumpscan. I currently have a couple of ways to gather my mem dumps using DFIR tools or Windows Error Reporting, but I...
Any update on using volatility3? I am trying to find a minidump creation module for lsass, but maybe my Google-fu is not up to snuff. If you happen to...
That would be awesome if you have time! I currently would like to deploy this agent using a local administrator account present on the target machine.
Having the same issue as well. Super annoying...