mr.d0x on Twitter: "If you rename procdump.exe to dump64.exe and place it in the "C:\Program Files (x86)\Microsoft Visual Studio\*" folder, you can bypass Defender and dump LSASS. https://t.co/Vk8vPYFTPC" / Twitter
https://twitter.com/mrd0x/status/1460597833917251595