From Crash to Compromise: Unlocking the Potential of Windows Crash Dumps in Offensive Security

Windows crash dump files, frequently overlooked in offensive contexts despite their forensic value, contain several sensitive elements that threat actors can exploit for privilege escalation, credential harvesting, lateral movement, and data exfiltration.

sans-jason-mull-from-crash-compromise (PDF, 1.83MB)

9 May 2025
By SANS Institute
All papers are copyrighted

No re-posting of papers is permitted
