Version 3.1.0

@Hackndo Hackndo released this 10 Dec 17:16
· 148 commits to master since this release
703dc86

Features

  • Add --copy parameter to copy "cmd.exe" or "powershell.exe" to C:\Windows\Temp with a random name before using them for command execution
  • Add EDRSandBlast dump method, based on the technique from th3m4ks and Qazeer. It uploads their executable and the vulnerable driver to remove EDR kernel callbacks, dumps lsass, and then restores the EDR kernel callbacks.
  • Add nanodump method from s4ntiago_p
  • Add Rdrleakdiag technique from 0gtweet

Improvements

  • Refactor dependencies to make it easier to create new dump modules based on compiled tools
  • Possibility to host tools on an SMB server and provide the share path to lsassy
  • Automatic listing of dump methods and execution methods in help
  • Update comsvcs_stealth technique using information from cyb3rops' tweet