By altering the calling threads process ID and extending the exploitation window with file locks, an attacker can trick Seclogon into creating privileged LSASS handles for memory dumping https://otter.gitbook.io/red-teaming/articles/windows-of-… #infosec #cybersecurity #redteam #pentest #windows