Defense Evasion 9

• Ghost in the PPL Part 3: LSASS Memory Dump Sep 2, 2024
• Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS Aug 16, 2024
• Ghost in the PPL Part 1: BYOVDLL Aug 9, 2024
• Bypassing PPL in Userland (again) Mar 17, 2023
• Revisiting a Credential Guard Bypass May 23, 2022
• Bypassing LSA Protection in Userland Apr 22, 2021
• Do You Really Know About LSA Protection (RunAsPPL)? Apr 7, 2021
• VBA RunPE - Breaking Out of Highly Constrained Desktop Environments - Part 2/2 Dec 29, 2018
• VBA RunPE - Breaking Out of Highly Constrained Desktop Environments - Part 1/2 Dec 12, 2018