csandker / InterProcessCommunication-Samples
Some Code Samples for Windows based Inter-Process-Communication (IPC)
☆172Updated last year
Alternatives and similar repositories for InterProcessCommunication-Samples:
Users that are interested in InterProcessCommunication-Samples are comparing it to the libraries listed below
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆272Updated 4 years ago
- ☆199Updated 3 years ago
- Security product hook detection☆318Updated 4 years ago
- Run Processes as PPL with ELAM☆160Updated 3 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆175Updated this week
- APC Internals Research Code☆166Updated 4 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆329Updated 2 years ago
- A small PoC that creates processes in Windows☆181Updated 10 months ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆213Updated 2 years ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆207Updated 2 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆95Updated 3 months ago
- GhostWriting Injection Technique.☆170Updated 7 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆222Updated 4 years ago
- Silence EDRs by removing kernel callbacks☆231Updated 4 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆226Updated 2 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- PoC capable of detecting manual syscalls from usermode.☆194Updated 5 months ago
- Unofficial Common Log File System (CLFS) Documentation☆176Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆245Updated 2 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆116Updated last year
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆137Updated 2 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆120Updated 5 years ago
- ☆143Updated last year
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆137Updated 2 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆213Updated 5 years ago
- Collection of DLL function export forwards for DLL export function proxying☆95Updated last year
- ☆164Updated 3 years ago
- Load a dynamic library from memory by modifying the native Windows loader☆218Updated 3 months ago
- An command-line RPC method enumerator, born out of RPCView's awesomeness☆104Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago