Bypass 10
- Ghost in the PPL Part 3: LSASS Memory Dump
- Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS
- Ghost in the PPL Part 1: BYOVDLL
- CVE-2022-41099 - Analysis of a BitLocker Drive Encryption Bypass
- Bypassing PPL in Userland (again)
- Revisiting a Credential Guard Bypass
- Bypassing LSA Protection in Userland
- Do You Really Know About LSA Protection (RunAsPPL)?
- VBA RunPE - Breaking Out of Highly Constrained Desktop Environments - Part 2/2
- VBA RunPE - Breaking Out of Highly Constrained Desktop Environments - Part 1/2