csandker / InterProcessCommunication-SamplesLinks
Some Code Samples for Windows based Inter-Process-Communication (IPC)
☆176Updated last year
Alternatives and similar repositories for InterProcessCommunication-Samples
Users that are interested in InterProcessCommunication-Samples are comparing it to the libraries listed below
Sorting:
- ☆200Updated 3 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆277Updated 4 years ago
- Security product hook detection☆318Updated 4 years ago
- APC Internals Research Code☆166Updated 4 years ago
- Run Processes as PPL with ELAM☆163Updated 3 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆179Updated 2 months ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆336Updated 2 years ago
- PoC capable of detecting manual syscalls from usermode.☆197Updated 7 months ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆96Updated 5 months ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆214Updated 2 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆121Updated 5 years ago
- A small PoC that creates processes in Windows☆182Updated last year
- Authenticode Hash Calculator for PE32/PE32+ files☆111Updated last week
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆87Updated 9 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆225Updated 5 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆248Updated 2 years ago
- Asynchronous Procedure Calls☆232Updated 4 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆152Updated 3 years ago
- Advanced driver monitoring utility.☆212Updated 2 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆214Updated 2 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆228Updated 2 years ago
- Samples from my book Windows Native API programming☆68Updated last month
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆139Updated 2 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆219Updated 5 years ago
- Yet another variant of Process Hollowing☆400Updated 4 months ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆217Updated 2 years ago
- Silence EDRs by removing kernel callbacks☆234Updated 4 years ago
- Collection of DLL function export forwards for DLL export function proxying☆98Updated last year
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆349Updated 2 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆143Updated 6 years ago