A tool designed to hook into Windows applications and output named (and anonymous?) pipe traffic.
☆15Feb 27, 2024Updated 2 years ago
Alternatives and similar repositories for Peep
Users that are interested in Peep are comparing it to the libraries listed below
Sorting:
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- Explore and filter your GitHub starred repositories☆25Dec 5, 2023Updated 2 years ago
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20…☆35Feb 27, 2025Updated last year
- Some stuff for PHD2021☆14May 21, 2025Updated 9 months ago
- ☆12Feb 19, 2026Updated 2 weeks ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆18Jun 29, 2024Updated last year
- A simple C++ Windows tool to get information about processes exposing named pipes.☆40Mar 6, 2025Updated last year
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- Run PowerShell command without invoking powershell.exe☆35Nov 22, 2021Updated 4 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆44Apr 27, 2023Updated 2 years ago
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication querying LDAP. Generates individual CSV files and a s…☆50Feb 23, 2026Updated last week
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- CVE-2024-40711-exp☆42Oct 17, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- ☆26Mar 10, 2022Updated 3 years ago
- This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help s…☆21Nov 4, 2024Updated last year
- ☆46Nov 14, 2020Updated 5 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 3 years ago
- A collection of C# utilities intended to be used with Cobalt Strike's execute-assembly☆46May 14, 2023Updated 2 years ago
- Create file system symbolic links from low privileged user accounts within PowerShell☆94Jun 20, 2022Updated 3 years ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆60Dec 11, 2024Updated last year
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- My implementation of Halo's Gate technique in C#☆54Apr 20, 2022Updated 3 years ago
- ☆108Aug 21, 2024Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆28Aug 19, 2024Updated last year
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Oct 29, 2021Updated 4 years ago
- Files for http://deniable.org/windows/windows-callbacks☆26Jul 9, 2020Updated 5 years ago
- ☆38Apr 15, 2025Updated 10 months ago
- Exhaustive search and flexible filtering of Active Directory ACEs.☆75Nov 10, 2025Updated 3 months ago
- ☆170Jan 7, 2022Updated 4 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆122May 29, 2024Updated last year
- ☆65Mar 15, 2024Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆76Feb 15, 2023Updated 3 years ago