Alternatives and similar repositories for WindowsRpcClients:

Users that are interested in WindowsRpcClients are comparing it to the libraries listed below

• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆175Updated 5 years ago
• 0xAlexei / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆292Updated 6 years ago
• tyranid / windows-logical-eop-workshop
  ☆231Updated 7 years ago
• hfiref0x / WDExtract
  Extract Windows Defender database from vdm files and unpack it
  ☆433Updated 5 years ago
• Cyb3rWard0g / WinRpcFunctions
  ☆67Updated 2 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆233Updated 4 years ago
• sogeti-esec-lab / RPCForge
  Windows RPC Python fuzzer
  ☆159Updated 7 years ago
• jthuraisamy / ioctlpus
  ☆107Updated 4 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher
  Universal Unhooking
  ☆318Updated 6 years ago
• endgameinc / ClrGuard
  ☆213Updated 6 years ago
• tandasat / DotNetHooking
  Sample use cases of the .NET native code hooking technique
  ☆208Updated 7 years ago
• lucasg / findrpc
  Idapython script to carve binary for internal RPC structures
  ☆230Updated 10 months ago
• ustayready / CasperStager
  PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
  ☆148Updated 5 years ago
• Signal-Labs / NtdllUnpatcher
  Example code for EDR bypassing
  ☆150Updated 5 years ago
• xpn / RpcEnum
  An command-line RPC method enumerator, born out of RPCView's awesomeness
  ☆101Updated 5 years ago
• hlldz / APC-PPID
  Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
  ☆156Updated 5 years ago
• zodiacon / ALPCLogger
  Log ALPC activity
  ☆78Updated last year
• ionescu007 / faxhell
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆326Updated 4 years ago
• jdu2600 / Windows10EtwEvents
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆286Updated 9 months ago
• mattifestation / PIC_Bindshell
  Position Independent Windows Shellcode Written in C
  ☆287Updated 6 years ago
• Accenture / CLRvoyance
  Managed assembly shellcode generation
  ☆266Updated 3 years ago
• Barakat / CVE-2019-16098
  Local privilege escalation PoC exploit for CVE-2019-16098
  ☆193Updated 5 years ago
• hugsy / CFB
  Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
  ☆314Updated 10 months ago
• dismantl / ImprovedReflectiveDLLInjection
  An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
  ☆320Updated 7 years ago
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆199Updated 4 years ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆95Updated 5 years ago
• antonioCoco / Mapping-Injection
  Just another Windows Process Injection
  ☆390Updated 4 years ago
• commial / experiments
  Expriments
  ☆452Updated 4 months ago
• hoangprod / AndrewSpecial
  AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
  ☆385Updated 5 years ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆160Updated 2 months ago