From d73c670f228ae3cd1df8326a91f4d8855d418ed5 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Mon, 5 Apr 2021 11:15:11 +0700
Subject: [PATCH] Add: RedCursorSecurityConsulting/PPLKiller to Defense Evasion
 section

---
 Offensive.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Offensive.md b/Offensive.md
index 4a9ea97..b2b7005 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -754,6 +754,10 @@ Some tools can be categorized in more than one category. But because the current
             drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and
             logging tools.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/RedCursorSecurityConsulting/PPLKiller">RedCursorSecurityConsulting/PPLKiller</a></td>
+        <td>Tool to bypass LSA Protection (aka Protected Process Light)</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/secretsquirrel/SigThief">secretsquirrel/SigThief</a></td>
         <td>Stealing Signatures and Making One Invalid Signature at a Time</td>