trailofbits/RpcInvestigator external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

trailofbits/RpcInvestigator

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/trailofbits/RpcInvestigator)

Close

trailofbits / RpcInvestigatorView on GitHubMore

• External links
• Readme badge

Exploring RPC interfaces on Windows

☆346Jan 30, 2024Updated 2 years ago

Alternatives and similar repositories for RpcInvestigator

Users that are interested in RpcInvestigator are comparing it to the libraries listed below

• cyberark / RPCMon

  View on GitHub
  RPC Monitor tool based on Event Tracing for Windows
  ☆388Aug 19, 2024Updated last year
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,049Sep 24, 2023Updated 2 years ago
• cyberark / PipeViewer

  View on GitHub
  A tool that shows detailed information about named pipes in Windows
  ☆740Nov 15, 2024Updated last year
• nettitude / RunOF

  View on GitHub
  ☆153Jan 6, 2023Updated 3 years ago
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆244Sep 26, 2023Updated 2 years ago
• lucasg / findrpc

  View on GitHub
  Idapython script to carve binary for internal RPC structures
  ☆239Mar 18, 2024Updated 2 years ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆954Feb 2, 2026Updated last month
• daem0nc0re / PrivFu

  View on GitHub
  Kernel mode WinDbg extension and PoCs for token privilege investigation.
  ☆905Jan 21, 2025Updated last year
• lem0nSec / CreateRemoteThreadPlus

  View on GitHub
  CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.
  ☆138Jul 10, 2025Updated 8 months ago
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆249Sep 8, 2024Updated last year
• xpn / RpcEnum

  View on GitHub
  An command-line RPC method enumerator, born out of RPCView's awesomeness
  ☆108Jul 31, 2019Updated 6 years ago
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆101Oct 7, 2023Updated 2 years ago
• gabriellandau / PPLFault

  View on GitHub
  ☆564Feb 22, 2024Updated 2 years ago
• rad9800 / WTSRM2

  View on GitHub
  ☆164Dec 30, 2022Updated 3 years ago
• binderlabs / DirCreate2System

  View on GitHub
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆363Dec 19, 2022Updated 3 years ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• Wra7h / FlavorTown

  View on GitHub
  Various ways to execute shellcode
  ☆508Mar 13, 2024Updated 2 years ago
• dr4k0nia / MurkyStrings

  View on GitHub
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆109Jan 3, 2023Updated 3 years ago
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆184Nov 28, 2024Updated last year
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆258May 10, 2023Updated 2 years ago
• tijme / amd-ryzen-master-driver-v17-exploit

  View on GitHub
  Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
  ☆155Jan 21, 2023Updated 3 years ago
• whokilleddb / ETWListicle

  View on GitHub
  List the ETW provider(s) in the registration table of a process.
  ☆80Sep 20, 2023Updated 2 years ago
• bananabr / TimeException

  View on GitHub
  A tool to find folders excluded from AV real-time scanning using a time oracle
  ☆233Feb 13, 2024Updated 2 years ago
• eladshamir / RPC-Backdoor

  View on GitHub
  A basic emulation of an "RPC Backdoor"
  ☆242Aug 25, 2022Updated 3 years ago
• csandker / InterProcessCommunication-Samples

  View on GitHub
  Some Code Samples for Windows based Inter-Process-Communication (IPC)
  ☆211Feb 29, 2024Updated 2 years ago
• trustedsec / Windows-MS-LSAT-RPC-Example

  View on GitHub
  Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD
  ☆28Jan 4, 2024Updated 2 years ago
• Kudaes / Elevator

  View on GitHub
  UAC bypass by abusing RPC and debug objects.
  ☆628Oct 19, 2023Updated 2 years ago
• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆647Mar 20, 2024Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆674Dec 23, 2022Updated 3 years ago
• Accenture / Spartacus

  View on GitHub
  Spartacus DLL/COM Hijacking Toolkit
  ☆1,080Feb 1, 2024Updated 2 years ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145May 18, 2024Updated last year
• diversenok / TokenUniverse

  View on GitHub
  An advanced tool for working with access tokens and Windows security policy.
  ☆643Feb 28, 2026Updated 3 weeks ago
• klezVirus / RpcProxyInvoke

  View on GitHub
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆137Aug 10, 2024Updated last year
• itm4n / PPLmedic

  View on GitHub
  Dump the memory of any PPL with a Userland exploit chain
  ☆352Mar 17, 2023Updated 3 years ago
• antonioCoco / SspiUacBypass

  View on GitHub
  Bypassing UAC with SSPI Datagram Contexts
  ☆465Sep 24, 2023Updated 2 years ago
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆384Dec 13, 2024Updated last year
• warpnet / MS-RPC-Fuzzer

  View on GitHub
  Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…
  ☆326Oct 20, 2025Updated 5 months ago
• ly4k / PassTheChallenge

  View on GitHub
  Recovering NTLM hashes from Credential Guard
  ☆377Dec 26, 2022Updated 3 years ago
• ceramicskate0 / SharpExchange

  View on GitHub
  C# Tool to interact with MS Exchange based on MS docs
  ☆102Dec 7, 2022Updated 3 years ago