Memory Dump
If you find a .dmp file, we could analyze it via volatility tool and get user hashes, etc.
Syntax - python3 vol.py -f FILENAME.dmp --profile WINDONWSVERSION hashdump
Once you get hashes, you can try mimikatz to pass the hash.
Last modified 1yr ago