Memory Dump

If you find a .dmp file, we could analyze it via volatility tool and get user hashes, etc.

Syntax - python3 vol.py -f FILENAME.dmp --profile WINDONWSVERSION hashdump

Once you get hashes, you can try mimikatz to pass the hash.

Last updated