Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/b4rtik/ATPMiniDump
Evading WinDefender ATP credential-theft
https://github.com/b4rtik/ATPMiniDump
Last synced: 13 days ago
JSON representation
Evading WinDefender ATP credential-theft
- Host: GitHub
- URL: https://github.com/b4rtik/ATPMiniDump
- Owner: b4rtik
- License: bsd-3-clause
- Created: 2019-11-29T19:49:54.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2019-12-02T15:01:22.000Z (over 4 years ago)
- Last Synced: 2024-02-29T00:40:40.091Z (4 months ago)
- Language: C
- Size: 18.6 KB
- Stars: 254
- Watchers: 5
- Forks: 51
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-game-security - ATPMiniDump Callback
README
# ATPMiniDump
Dumping LSASS memory with MiniDumpWriteDump on PssCaptureSnapShot to evade WinDefender ATP credential-theft.
Take a look at this [blog post](https://www.matteomalvica.com/blog/2019/12/02/win-defender-atp-cred-bypass/) for details.
ATPMiniDump was created starting from [Outflank-Dumpert](https://github.com/outflanknl/Dumpert) then big credits to [@Cneelis](https://twitter.com/Cneelis)