
KeeFarce – A KeePass 2.x database extraction tool - pylight
http://seclists.org/fulldisclosure/2015/Oct/106
======
smt88
Does this work from an unprivileged process? I'm not familiar with Windows DLL
injection techniques, but I do use KeePass and want to know if I should stop
keeping it open in memory.

I guess I could always run it in a thin Linux VM or something...

