Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

bytewreck/DumpGuard

DumpGuard

DumpGuard is a credential dumping tool that can extract the NTLMv1 hashes of users on modern Windows systems.

The tool relies on the Remote Credential Guard protocol, and allows credential dumping even when Credential Guard is enabled on the local host. You may download prebuilt copies from the release section of this repository.

Disclaimer: This tool is provided strictly for educational and legitimate testing purposes only. The author of this repository does not condone or support any type of misuse and assumes no responsibility for damages or legal consequences incurred as a result of using this tool.

Usage Overview

The following table lists the techniques supported by the program, their requirements, and whether they can dump credentials protected by Credential Guard (the values are derived from the technique descriptions below).

| Technique | Requires SYSTEM | Requires SPN account | Can dump Credential Guard-protected credentials |
|---|---|---|---|
| Extract own credentials via Remote Credential Guard protocol | No | Yes | Yes |
| Extract all credentials via Remote Credential Guard protocol | Yes | Yes | Yes |
| Extract all credentials via Microsoft v1 authentication package | Yes | No | Partial (see conditions below) |

Dumping Own Session (using Remote Credential Guard)

To dump an NTLMv1 response for the current user from an unprivileged context, we can authenticate towards an SPN-enabled account using Remote Credential Guard, and leverage the established security context to request an NTLMv1 hash from the NtlmCredIsoRemote interface.

This works regardless of the state of Credential Guard, but requires credentials for an SPN-enabled account.

Privilege Requirement: None.

DumpGuard.exe /mode:self /domain:<DOMAIN> /username:<SAMACCOUNTNAME> /password:<PASSWORD> [/spn:<SPN>]

Dumping All Sessions (using Remote Credential Guard)

To dump NTLMv1 responses for all currently authenticated users from a privileged SYSTEM context, we can impersonate tokens from running processes, then authenticate towards an SPN-enabled account using Remote Credential Guard, and leverage the established security context to request an NTLMv1 hash from the NtlmCredIsoRemote interface.

This works regardless of the state of Credential Guard, but requires credentials for an SPN-enabled account.

Privilege Requirement: SYSTEM.

DumpGuard.exe /mode:all /domain:<DOMAIN> /username:<SAMACCOUNTNAME> /password:<PASSWORD> [/spn:<SPN>]

Dumping All Sessions (using Microsoft v1 authentication package)

To dump NTLMv1 responses for all currently authenticated users from a privileged SYSTEM context, we can interact with the NTLM SSP and request responses for each individual logon session ID.

This works only in either of the following cases:

  • Credential Guard is disabled on the local system (in which case credentials can be extracted from all local sessions).
  • The users are authenticated to the local system from a remote host over Remote Credential Guard.

Privilege Requirement: SYSTEM.

DumpGuard.exe /mode:all

This attack can also be carried out using LSA Whisperer with the following command:

lsa-whisperer.exe msv1_0 Lm20GetChallengeResponse --luid {session id} --challenge {challenge to clients} [flags...]

Bonus Information

I have reverse engineered and recreated all the interfaces exposed by Credential Guard (LsaIso.exe) and included them in this repository, in case anyone wants to conduct further research.

As of October 2025, the following interfaces are implemented:

  • BCryptIum
  • CloudApIum
  • KerberosIum
  • LsaIsoMgmtIum
  • NtlmIum
  • ProvIum

Acknowledgements

Thank you to SpecterOps for supporting this research and to my coworkers who have helped with its development.

  • Elad Shamir - for inspiring this tool and research, and for offering valuable perspective and encouragement whenever I hit a wall.
  • Evan McBroom - for sharing useful insights on LSA internals and providing ASN.1 encoders for most of the structures used in this project.

Related Tools

Related Work

  • Oliver Lyak (2022) - To my knowledge, the only public research on dumping credentials protected by Credential Guard.
  • James Forshaw (2022, 2022, 2022, 2022) - Vulnerability submissions that partially document some of the undocumented interfaces we have researched.
