YoVDO

PPLdump Is Dead - Long Live PPLdump

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Vulnerability Assessment Courses Exploit Development Courses Windows Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the intricacies of Windows Protected Process Light (PPL) mechanism and its vulnerabilities in this 30-minute Black Hat conference talk. Delve into the history of PPL bypasses, focusing on the notorious PPLdump tool and its implications for Windows security. Learn about the design of PPL, its role in hardening anti-malware and critical Windows services, and the Windows Code Integrity subsystem. Examine the long-lived vulnerabilities in PPL, their real-world impact, and Microsoft's approach to patching these issues. Gain insights into historical exploits, their mitigations, and the ongoing challenges in securing Windows systems against PPL bypasses.

Syllabus

PPLdump Is Dead. Long Live PPLdump!


Taught by

Black Hat

Related Courses

Evaluación de peligros y riesgos por fenómenos naturales
Universidad Nacional Autónoma de México via Coursera Internet Security
openHPI Planning a Security Incident Response
Microsoft via edX Cyber Security
CEC via Swayam Ethical Hacking
Indian Institute of Technology, Kharagpur via Swayam