Bypassing BitLocker Without a Screwdriver: bitpixie and What You Can Do About It

BitLocker bitpixie attack – TPM-only mode, pre-boot authentication, PCR validation

BitLocker is always a topic in Windows client pentests. To keep full-disk encryption from being easily bypassed, BitLocker must be configured securely.

There is in fact a vulnerability that can be used to bypass BitLocker without special hardware – and in principle anyone can exploit it. This post covers the bitpixie attack, why BitLocker’s default mode is vulnerable, and what you can do about it.