core-jmp

core-jmp

death of core jump

  • Home
  • About
  • Privacy Policy

HomeMS-LSAD

Posts in category: MS-LSAD

Silent Harvest: Extracting Windows Secrets Under the Radar

Silent Harvest: Extracting Windows Secrets Under the Radar

March 14, 2026
by oxfemale BypassingEDRLSAMS-LSADMS-SAMRpowershellpowershellSAMwinapiwinapiwindows

“Silent Harvest” explains how attackers can quietly extract sensitive Windows secrets such as credentials and security keys by abusing legitimate registry and system mechanisms, avoiding LSASS dumping and bypassing many common EDR detections.

Read More

Recent Posts

  • Crimes against NTDLL – Implementing Early Cascade Injection
  • How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
  • Active Directory Security Assessment: Password Spraying, Privilege Escalation, and Kerberoasting
  • Reverse engineering undocumented Windows Kernel features to work with the EDR
  • Silent Harvest: Extracting Windows Secrets Under the Radar

Recent Comments

No comments to show.

Archives

  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Categories

  • access
  • ACE
  • ACL
  • Active Directory
  • AD CS
  • Administrator
  • alloc
  • ALPC
  • Antivirus
  • APC
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BitLocker
  • Bluetooth
  • BSoD
  • buffer overflow
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • CLFS
  • cmd
  • Containers
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • Debug
  • Defender
  • DEP
  • DFIR
  • DMA
  • Driver
  • dump
  • EDR
  • Encryption
  • Escalation
  • ESP32
  • Evasion
  • Eventlog
  • exploitation
  • filesystem
  • firmware
  • Flash
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • impact
  • Injection
  • IoT
  • kernel
  • kernel-mode
  • Library
  • Linux
  • LNK
  • Loader
  • LSA
  • Malware
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Protection
  • PXE
  • QEMU
  • RCE
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • Rust
  • SAM
  • Secure Boot
  • Security
  • shellcode
  • Shortcut
  • STM32H5
  • TEB
  • Telegram
  • TPM
  • UAC
  • UART
  • Uncategorized
  • user-mode
  • Warbird
  • WASM
  • winapi
  • winapi
  • WinDBG
  • windows
Log in
© 2026 core-jmp. All rights reserved.
Shopping Basket