Dump LSASS memory

LSASS is a Windows process for enforcing security policies. It is stored in memory and it can be dumped to disk, often done as a precuror to analyzing the dump with a credential dumper like Mimikatz.
View Command

You must be logged in to view this TTPs command.


Test this TTP

Download Operator (1.7.1)