Did some experiments on bypassing PPL Protection and Windows Defender, to dump LSASS. No detections so far! tasty pepperoni's PPLBlade repo: My short write-up: #adversarytactics #redteam #tacticaladversary #PPLBlade

3 comments

Abhijith B R, 2 years ago

PPLBlade could be used to simulate adversarial actions against endpoint defense measures in Windows systems.

Sam ☁️🪵, 2 years ago

@tastypepperoni Again, nice @abhijithbr ! In terms of prevention I don't see much except priv esc controls before getting admin. Detection wise, driver/image loaded? Do you see anything else?

Joe, 2 years ago

@rsnksg @tastypepperoni
