Minidump Collection

◆

◆

◆

◆

⚔️Fighting

★★

“An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).”

◆

◆

◆

◆

🔮Psychic

★★

“Credentials gathering tool automating remote procdump and parse of lsass process.”

◆

◆

◆

◆

⚙️Steel

★★

“Type definitions, parsing, and analysis for the minidump file format.”

◆

◆

◆

◆

⚙️Steel

★

“Red teaming tool to dump LSASS memory, bypassing basic countermeasures.”

◆

◆

◆

◆

🔥Fire

★

“A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings.”

◆

◆

◆

◆

🔥Fire

★

“This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callbacks to generate a memory dump of the cloned process”

◆

◆

◆

◆

⚙️Steel

★

“Collection of crates to deal with crashes”

◆

◆

◆

◆

🔮Psychic

★

“Inspect and capture minidump files. Includes stand alone library for reading minidump files.”

◆

◆

◆

◆

📦Normal

★

“Unofficial Windows build of gdb with added features.”

◆

◆

◆

◆

🔥Fire

★

“Cross-Platform, Efficient easy to integrate crash reporting library for modern C++”

◆

◆

◆

◆

🔥Fire

★

“😽🖥💥 Example MacOS, Windows, and Linux Qt application integrated with Crashpad.”

◆

◆

◆

◆

📦Normal

★

“Simple breakpad crash reports collecting server”

◆

◆

◆

◆

📦Normal

★

“[deprecated] Simple x64dbg plugin to save a full memory dump”