A while ago some updates of pwdump and fgdump were released, namely pwdump6 1.5.0 as well as fgdump 1.5.0.
Version 1.5.0 of both programs takes advantage of some changes which makes them less likely to be detected by antivirus, at least as of today. This will be particularly helpful to those of you dealing with recent, more aggressive AV solutions. The README file for pwdump6 has also been updated to give some examples, as it seems some folks were having a hard time figuring out how to get started with it.
If you don’t know what pwdump and fgdump are..
pwdump6 is an updated version of the classic Windows password hash dumper pwdump3e. It has been updated to circumvent DEP which caused crashes on newer operating systems, and has also had several features added to make it more usable.
fgdump is a more powerful version of pwdump6 that performs cached credential dumps of a target host as well as stopping several brands of antivirus while the dumps are running. It is also fully multi-threaded and supports several means of targeting large numbers of hosts.
We at Darknet highly recommend using fgdump for most pen-test activities, very effective indeed.