Kernelkatz & KernelTool

Kernelkatz & KernelTool Demo Video

Dump hashes of logged-in users by reading LSASS memory through a kernel driver.

Kernelkatz & KernelTool are among the many tools in Fortra’s Outflank Security Tooling (OST), an elite toolset developed by and made for advanced red teams. Kernelkatz leverages a vulnerable driver to read LSASS memory and dump hashes; because it uses a fresh driver that is not blocked by Device Guard, it can bypass LSA protections. KernelTool can then be used to remove process protections and modify callbacks.
