https://github.com/bohops/UltimateWDACBypassList
https://github.com/mandiant/DueDLLigence
msdt.exe -path C:\WINDOWS\diagnostics\index\PCWDiagnostic.xml -af C:\PCW8E57.xml /skip TRUE
XML format for: msdt.exe -path C:\WINDOWS\diagnostics\index\PCWDiagnostic.xml -af C:\PCW8E57.xml /skip TRUE
Home Grown Red Team: Using LNK Files To Bypass Applocker
The Windows LNK file is just one of the many ways to get easy execution while bypassing Applocker and some AV. While this isn’t a new concept, it does present a lot of opportunity and is still a favorite method of initial access for APTs around the world.
clink/pls.c at main · freeide/clink
Embed (?) an exe in an lnk