How to Bypass WDAC with dbgsrv.exe

Microsoft Applications and Blocklist

Note: This blog post contains the details from Casey Smith and Ross Wolf’s BlackHat USA 2019 presentation.

Most application whitelisting bypasses in use today abuse built-in functionality of the offending application to execute code that would otherwise be blocked. Because most bypasses leverage legitimate functionality in an unforeseen manner,…