From 7412803fe697a535808b9cd1246b8c02ffe517ea Mon Sep 17 00:00:00 2001 From: pe3zx Date: Tue, 31 Aug 2021 10:47:28 +0700 Subject: [PATCH] Add: EspressoCake/Process_Protection_Level_BOF to Recon section --- Offensive.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Offensive.md b/Offensive.md index 3e997f7..05c10b4 100644 --- a/Offensive.md +++ b/Offensive.md @@ -71,6 +71,10 @@ Some tools can be categorized in more than one category. But because the current dsnezhkov/TruffleSnout Iterative AD discovery toolkit for offensive operations + + EspressoCake/Process_Protection_Level_BOF + A Syscall-only BOF file intended to grab process protection attributes, limited to a handful that Red Team operators and pentesters would commonly be interested in. + fashionproof/CheckSafeBoot I used this to see if an EDR is running in Safe Mode
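Review bot: the description added for EspressoCake/Process_Protection_Level_BOF leaves "BOF" unexpanded and capitalises "Syscall-only" mid-phrase, which is harder to scan than the neighbouring rows (TruffleSnout, CheckSafeBoot), whose descriptions say plainly what the tool does. Consider wording it as "A syscall-only Beacon Object File (BOF) that reads process protection attributes, limited to those red team operators and pentesters commonly need". The placement between dsnezhkov/TruffleSnout and fashionproof/CheckSafeBoot keeps the owner-name ordering of the surrounding entries, and the 4 insertions match the diffstat, so nothing else in the hunk needs changing.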