MultiDump – Bypassing Windows Defender to Dump and Extract LSASS Memory
MultiDump is a post-exploitation tool written in C that dumps and exfiltrates LSASS process memory without triggering Defender alerts, paired with a handler written in Python. MultiDump supports LSASS dumping through ProcDump.exe or comsvcs.dll and provides two modes: local mode (which encrypts and stores the dump file locally) and remote mode (which sends …