# Data Exfiltration

- [Extracting certs/private keys from Windows using mimikatz and intercepting calls with burpsuite](/credentials-exfiltration/extracting-certs-private-keys-from-windows-using-mimikatz-and-intercepting-calls-with-burpsuite.md): Extracting certs/private keys from certificates that disable private key exporting and use BurpSuite to intercept the requests.
- [Doppelganger: Cloning and Dumping LSASS (Win11)](/credentials-exfiltration/doppelganger-cloning-and-dumping-lsass-win11.md)
- [Recovery lsass.dmp from Defender Quarantine](/credentials-exfiltration/recovery-lsass.dmp-from-defender-quarantine.md): Decrypt Windows Defender quarantined files using Microsoft’s RC4 algorithm