lsassy - Python library to remotely extract credentials.
The way Windows is designed, when it stores passwords, it uses lsass.exe, which is the Local Security Authority Subsystem Service.
- So, when you go to your taskbar, and find the process, creating a dump file from it, saving it, contains logon credentials inside. There are various tools like the ones we posted about mimikaktz, you could use it on that dump file, sekurlsa:logonpasswords, will dump the password in
This technique is used in post exploitation, but using mimikatz touches disk, and sometimes hackers want to be as silent as possible, and know that from before, depending on the setup of the target machine, therefore lsassy by HacknDo is a tool that extracts and dumps this info Without touching disk, directly from the memory, using advanced and different ways like procdump, comsvsc.sll, crackmapexec, and extracting credentials from lsass remotely.
GitHub Link: https://github.com/blackhatethicalhacking/lsassy