Post #1496

Extracts Windows SAM and SYSTEM files using Volume Shadow Copy Service (VSS) with multiple exfiltration options and XOR obfuscation: Lists Volume Shadow Copies using VSS and creates one if necessary Extracts SAM and SYSTEM files from the Shadow Copy Uses NT API calls for file operations (NtCreateFile, NtReadFile, NtWriteFile) Supports XOR encoding for obfuscation Exfiltration methods: Local save or Network transfer https://github.com/ricardojoserf/SAMDump