Windows MiniFilter Hack: Easily Bypass EDR Security

The research revealed that MiniFilter drivers, like Sysmon, can be exploited to hinder the functionality of EDR drivers. By strategically assigning a higher altitude value to another MiniFilter, that MiniFilter can be loaded before the EDR driver. This prevents the EDR driver from registering with the Filter Manager, effectively disabling its telemetry capabilities, which leverage the …
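
A defender-side check for the condition described above, as an added example that is not from the original research: it parses `fltmc filters` output and compares the loaded MiniFilters with a known-good baseline. The driver name `ExampleEdrDrv`, the baseline altitudes and the sample output are constructed assumptions.

```python
import re
from decimal import Decimal

# Known-good altitudes recorded on a clean host (hypothetical names and values).
BASELINE = {"ExampleEdrDrv": "389000", "SysmonDrv": "385201"}
PROTECTED = "ExampleEdrDrv"  # hypothetical EDR minifilter

# Constructed `fltmc filters` output: SysmonDrv has moved up and the EDR is absent.
SAMPLE = """\
Filter Name                     Num Instances    Altitude    Frame
------------------------------  -------------  ------------  -----
SysmonDrv                               4       389500         0
FileInfo                                4       40500          0
"""

# name, instance count, altitude (decimal string, may be fractional), frame
ROW = re.compile(r"^(\S+)\s+(\d+)\s+(\d+(?:\.\d+)?)\s+(\d+)\s*$")


def parse_fltmc(text):
    """Return {filter_name: altitude_string} for each data row (header lines are skipped)."""
    rows = (ROW.match(line) for line in text.splitlines())
    return {m.group(1): m.group(3) for m in rows if m}


def audit(loaded, baseline=BASELINE, protected=PROTECTED):
    """Compare loaded minifilters with the baseline and return a list of findings."""
    findings = []
    edr_alt = Decimal(baseline[protected])
    if protected not in loaded:
        # The EDR driver is not registered with the Filter Manager.
        findings.append(("not_registered", protected, baseline[protected]))
    for name, alt in loaded.items():
        expected = baseline.get(name)
        if expected is not None and alt != expected:
            above = name != protected and Decimal(alt) >= edr_alt
            kind = "moved_to_or_above_edr" if above else "altitude_changed"
            findings.append((kind, name, alt))
        elif expected is None and alt in baseline.values():
            # An unknown driver sits at an altitude a baselined driver should hold.
            findings.append(("occupies_baselined_altitude", name, alt))
    return findings


if __name__ == "__main__":
    for finding in audit(parse_fltmc(SAMPLE)):
        print(finding)
```
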