Decorrelate attack tool behaviour to avoid EDR interference. In this post, @Defte_@twitter.com writes about how remote LSA secrets dumping works and retrieves a Windows computer's BOOTKEY using less common methods.
https://sensepost.com/blog/2024/dumping-lsa-secrets-a-story-about-task-decorrelation/
@sensepost Simplicity, ingenuity and creativity. Now that's a good blog post.
✔ tested & approved
@mixic vous êtes trop gentil! (My French is terrible, I hope that makes sense)