☆85Jan 12, 2022Updated 4 years ago
Alternatives and similar repositories for RPCDump
Users that are interested in RPCDump are comparing it to the libraries listed below
Sorting:
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆209Feb 29, 2024Updated 2 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆144May 10, 2022Updated 3 years ago
- ☆33Dec 22, 2020Updated 5 years ago
- Advance LPC☆72May 2, 2017Updated 8 years ago
- ☆153Jul 31, 2022Updated 3 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- Injector with kernel power☆18Jan 2, 2021Updated 5 years ago
- Run Processes as PPL with ELAM☆177Mar 17, 2022Updated 3 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Jun 21, 2020Updated 5 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆38Oct 21, 2020Updated 5 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆258Sep 1, 2022Updated 3 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- PoC capable of detecting manual syscalls from usermode.☆206Nov 13, 2025Updated 3 months ago
- A little tool to play with the Seclogon service☆326Jul 10, 2022Updated 3 years ago
- Dump the memory of a PPL with a userland exploit☆889Jul 24, 2022Updated 3 years ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆1,043Sep 24, 2023Updated 2 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Mar 27, 2022Updated 3 years ago
- A PoC tool for exploiting leaked process and thread handles☆32Feb 13, 2024Updated 2 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆58Nov 16, 2021Updated 4 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- An command-line RPC method enumerator, born out of RPCView's awesomeness☆108Jul 31, 2019Updated 6 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆240Nov 6, 2019Updated 6 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆145Sep 5, 2020Updated 5 years ago
- Move CS beacon to GPU memory when sleeping☆251Nov 19, 2021Updated 4 years ago
- Code to make it easier to write an NDIS network driver on Windows☆93Oct 1, 2023Updated 2 years ago
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 5 years ago
- ☆132Oct 14, 2022Updated 3 years ago
- A way to delete a locked file, or current running executable, on disk.☆616Nov 5, 2025Updated 3 months ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 7 months ago
- CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM☆163Dec 24, 2022Updated 3 years ago
- LPE exploit for CVE-2023-36802☆167Oct 10, 2023Updated 2 years ago
- ☆301Oct 29, 2024Updated last year
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆215Jul 2, 2020Updated 5 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆486May 18, 2021Updated 4 years ago