Bypass AppLocker
If AppLocker is configured with default rules, we can bypass it by placing our executable in the following directory below which is whitelisted by default.
C:\Windows\System32\spool\drivers\colorLast updated
If AppLocker is configured with default rules, we can bypass it by placing our executable in the following directory below which is whitelisted by default.
C:\Windows\System32\spool\drivers\colorLast updated