Bypassing Windows-specific operating system controls
In every corporate environment, we see that the endpoints provided to users run the Windows operating system. The likelihood of Windows being exploited is always high because of how widely it is used. In this section, we will focus on some of the operating system's specific security controls and how to bypass them after gaining access to the endpoint.
Enhanced Mitigation Experience Toolkit (EMET)
EMET is an additional security mitigation layer that Microsoft developed to give its customers protections beyond what the built-in operating system provides. EMET runs inside a protected program as a Dynamic Link Library (DLL), and its objective was to make exploitation more difficult for attackers. However, Microsoft announced in 2016 that it would end the life of EMET, meaning there will be no versions later than version 5.5. The following table provides different versions of EMET that were released by Microsoft with their features; however...