One Day Sec

What is a Password Filter DLL and how can an attacker exploit it in penetration testing?

A Password Filter DLL is a Windows component that enforces custom password complexity policies by processing plaintext passwords during password changes. Attackers can exploit it by developing a malicious DLL that implements the `PasswordChangeNotify` function to record plaintext passwords or even drop a backdoor, as described in "Application of Password Filter DLL in Penetration Testing". This technique is similar to hooking `PasswordChangeNotify`, but it uses the native password filter DLL interface instead of a hook.
Password Filter DLL, penetration testing, password capture, backdoor, PasswordChangeNotify
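From the defender's side, the registered password filters can be audited on each host. The script below is an added example, not code from the referenced article; the function name `Get-PasswordFilterAudit` and the allowlist are assumptions to replace with a baseline taken from a known-good build.

```powershell
# Added example: list the password filter DLLs registered with LSA and flag
# entries that are outside the baseline or not validly signed.
# Assumption: constructed baseline; confirm against a known-good image.
$AllowedPackages = @('scecli', 'rassfm')

function Get-PasswordFilterAudit {
    param([string[]]$Allowed = $AllowedPackages)

    # Password filters are registered by name in this REG_MULTI_SZ value.
    $lsaKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $packages = (Get-ItemProperty -Path $lsaKey -Name 'Notification Packages' `
                    -ErrorAction Stop).'Notification Packages'

    foreach ($name in $packages) {
        if ([string]::IsNullOrWhiteSpace($name)) { continue }

        # The value holds the DLL name without ".dll"; LSA loads it from System32.
        $file = $name.Trim()
        if ($file -notmatch '\.dll$') { $file = "$file.dll" }
        $path   = Join-Path $env:SystemRoot "System32\$file"
        $exists = Test-Path -LiteralPath $path

        $sig = $null; $hash = $null; $written = $null
        if ($exists) {
            # Catalog-signed OS files report 'Valid' on current Windows builds;
            # older PowerShell versions may report them as 'NotSigned'.
            $sig     = Get-AuthenticodeSignature -LiteralPath $path
            $hash    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
            $written = (Get-Item -LiteralPath $path).LastWriteTimeUtc
        }

        [pscustomobject]@{
            Package         = $name
            Path            = $path
            Exists          = $exists
            InBaseline      = $Allowed -contains $name.Trim()
            SignatureStatus = if ($sig) { [string]$sig.Status } else { 'n/a' }
            Signer          = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            SHA256          = $hash
            LastWriteUtc    = $written
        }
    }
}

# Show only entries that need review.
Get-PasswordFilterAudit |
    Where-Object { -not $_.InBaseline -or $_.SignatureStatus -ne 'Valid' } |
    Format-List
```

Run it from a 64-bit elevated PowerShell session so that `System32` is not redirected, and compare the output across domain controllers, where password changes are processed.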
