Did some experiments on bypassing PPL Protection and Windows Defender, to dump LSASS. No detections so far! tasty pepperoni's PPLBlade repo: My short write-up: #adversarytactics #redteam #tacticaladversary #PPLBlade
27,632 views • 2 years ago • via X (Twitter)
3 comments

Abhijith B R • 2 years ago
PPLBlade could be used to simulate adversarial actions against endpoint defense measures in Windows systems.

Sam ☁️🪵 • 2 years ago
@tastypepperoni Again, nice @abhijithbr ! In terms of prevention I don't see much except priv esc controls before getting admin. Detection wise, driver/image loaded? Do you see anything else?

Joe • 2 years ago
@rsnksg @tastypepperoni
