YoVDO

PPLdump Is Dead - Long Live PPLdump

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Vulnerability Assessment Courses Exploit Development Courses Windows Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the intricacies of Windows Protected Process Light (PPL) mechanism and its vulnerabilities in this 30-minute Black Hat conference talk. Delve into the history of PPL bypasses, focusing on the notorious PPLdump tool and its implications for Windows security. Learn about the design of PPL, its role in hardening anti-malware and critical Windows services, and the Windows Code Integrity subsystem. Examine the long-lived vulnerabilities in PPL, their real-world impact, and Microsoft's approach to patching these issues. Gain insights into historical exploits, their mitigations, and the ongoing challenges in securing Windows systems against PPL bypasses.

Syllabus

PPLdump Is Dead. Long Live PPLdump!


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network