csandker / InterProcessCommunication-SamplesLinks
Some Code Samples for Windows based Inter-Process-Communication (IPC)
☆175Updated last year
Alternatives and similar repositories for InterProcessCommunication-Samples
Users that are interested in InterProcessCommunication-Samples are comparing it to the libraries listed below
Sorting:
- ☆200Updated 3 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆276Updated 4 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆178Updated last month
- Security product hook detection☆318Updated 4 years ago
- Run Processes as PPL with ELAM☆163Updated 3 years ago
- APC Internals Research Code☆166Updated 4 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆225Updated 4 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆332Updated 2 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆121Updated 5 years ago
- GhostWriting Injection Technique.☆175Updated 7 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆96Updated 4 months ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆214Updated 2 years ago
- PoC capable of detecting manual syscalls from usermode.☆196Updated 6 months ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆227Updated 2 years ago
- ☆143Updated last year
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆143Updated 6 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆219Updated 5 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆245Updated 2 years ago
- API Set Viewer☆89Updated 4 months ago
- Silence EDRs by removing kernel callbacks☆234Updated 4 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆348Updated 2 years ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆212Updated 2 years ago
- A small PoC that creates processes in Windows☆182Updated 11 months ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆87Updated 9 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆139Updated 2 years ago
- Sysmon-Like research tool for ETW☆353Updated 2 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆137Updated 3 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- ☆165Updated 3 years ago
- Samples from my book Windows Native API programming☆67Updated 3 weeks ago