A simple script in C which calls the MiniDump function to dump LSASS process and store it on the disk. To extract passwords from it, transfer it to another Windows machine, Load it using mimikatz and extract logon passwords from it.
- https://www.ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass
- https://www.whiteoaksecurity.com/blog/minidumpdotnet-part-1/
- https://learn.microsoft.com/en-us/windows/win32/api/minidumpapiset/nf-minidumpapiset-minidumpwritedump