From e2a869af7fe87c3b1e29a743fa8368c177a8fbf6 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Tue, 26 Jul 2022 13:35:41 +0700
Subject: [PATCH] Add: last-byte/RIPPL to Defense Evasion section

---
 Offensive.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Offensive.md b/Offensive.md
index fffcbbd..f2fd4ce 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -1624,6 +1624,10 @@ Some tools can be categorized in more than one category. But because the current
         <td><a href="https://github.com/l373/GIVINGSTORM">l373/GIVINGSTORM</a></td>
         <td>Infection vector that bypasses AV, IDS, and IPS. (For now...)</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/last-byte/RIPPL">last-byte/RIPPL</a></td>
+        <td>RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/last-byte/unDefender">last-byte/unDefender</a></td>
         <td>Killing your preferred antimalware by abusing native symbolic links and NT paths.</td>