One Day Sec

How can security products that hook the `MiniDumpWriteDump` API be bypassed?

Security products typically hook `NtReadVirtualMemory()` (which `MiniDumpWriteDump` depends on to read the target process's memory) through user-mode API hooking, overwriting the function's first five bytes with a jump into the product's inspection code. Bypasses include restoring those bytes to the original instructions or reimplementing the function so the hooked copy is never called. Tools such as Dumpert, or using RPC to make lsass load a custom SSP DLL, can also bypass such hooks. Another method is to inject a DLL into lsass that performs the dump from inside the process. These techniques are covered in the original article.
Tags: API hooking, NtReadVirtualMemory, bypass, Dumpert, SSP, RPC, lsass.exe, credential extraction