zeze-zeze / NamedPipeMasterLinks
a tool used to analyze and monitor in named pipes
☆164Updated 7 months ago
Alternatives and similar repositories for NamedPipeMaster
Users that are interested in NamedPipeMaster are comparing it to the libraries listed below
Sorting:
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆199Updated 2 months ago
- ☆29Updated last year
- ☆69Updated 2 years ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆117Updated last month
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆78Updated this week
- ☆169Updated 10 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆116Updated 10 months ago
- Windows KASLR bypass using prefetch side-channel☆100Updated last year
- ☆33Updated 6 months ago
- Static Binary Instrumentation tool for Windows x64 executables☆203Updated last month
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆159Updated 3 weeks ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆193Updated last month
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆227Updated 2 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆118Updated 2 years ago
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆117Updated 3 weeks ago
- ☆53Updated 2 years ago
- An example reference design for a proposed BOF PE☆168Updated last month
- Finding Truth in the Shadows☆92Updated 2 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆186Updated 3 years ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆79Updated 2 years ago
- Recon 2023 slides and code☆79Updated last year
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆289Updated last year
- LPE exploit for CVE-2023-36802☆22Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆216Updated last week
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion☆52Updated last month
- CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.☆133Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 5 months ago
- Process Injection using Thread Name☆272Updated last month
- Windows LPE exploit for CVE-2022-37969☆134Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago