How does SelectMyParent enable privilege reduction from SYSTEM to ordinary user privileges?

SelectMyParent, developed by Didier Stevens, allows creating a new process as a child of a chosen parent process. Since child processes inherit the security context of the parent, you can select a process running as an ordinary user (e.g., explorer.exe) and launch calc.exe as its child. This effectively drops SYSTEM privileges to the target user's permissions. The steps are: obtain the PID of a standard user process via `tasklist /v /fo list`, then run `SelectMyParent.exe calc.exe <PID>`. The tool also works for privilege escalation from admin to SYSTEM by choosing a SYSTEM-level parent like winlogon.exe. The article also provides a small C++ utility to determine if a process has admin privileges.