pepperoni – Medium

Aug 29

Bypassing Defender’s LSASS dump detection and PPL protection In Go

Overview This blog reviews the technique that can be used to bypass Protected Process Light protection for any Windows process using theProcess Explorer driver and explores methods to bypass Windows Defender’s signature-based mechanisms for process dump detection. The tool introduced in this blog (PPLBlade), is written entirely in GO and can…

Cybersecurity

6 min read

Bypassing Defender’s LSASS dump detection and PPL protection In Go

Cybersecurity

6 min read

Jul 29, 2022

Running Exploit As Protected Process Light From Userland

Overview This blog reviews the recently patched(Windows 10 21H2 10.0.19044.1826 (24 July 2022 update)) vulnerability in Protected Process Light, which enables us to run any code as the highest level of protection, meaning that the exploit will have full access over any other Protected Process Light and anti-malware services won’t be…

15 min read

Running Exploit As Protected Process Light From Userland

15 min read

Mar 3, 2021

HackTheBox — ScriptKiddie Walkthrough

This article is about how I rooted the machine “ScriptKiddie” from HackTheBox. Enumeration Let’s start with Nmap scan

6 min read

6 min read