Alternatives and similar repositories for NamedPipeMaster

Users that are interested in NamedPipeMaster are comparing it to the libraries listed below

• Wh04m1001 / UserManagerEoP

  View on GitHub
  ☆82Apr 9, 2024Updated last year
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆246Sep 8, 2024Updated last year
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆457Aug 2, 2024Updated last year
• CICADA8-Research / MyMSIAnalyzer

  View on GitHub
  Analyse MSI files for vulnerabilities
  ☆143Aug 30, 2024Updated last year
• deepinstinct / ShimMe

  View on GitHub
  ☆147Oct 29, 2024Updated last year
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆63Mar 19, 2024Updated last year
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Sep 26, 2024Updated last year
• cyberark / PipeViewer

  View on GitHub
  A tool that shows detailed information about named pipes in Windows
  ☆732Nov 15, 2024Updated last year
• Black-Frost / windows-learning

  View on GitHub
  ☆145Mar 29, 2025Updated 10 months ago
• klezVirus / DriverJack

  View on GitHub
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆358Aug 11, 2024Updated last year
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆368Jan 20, 2026Updated 3 weeks ago
• Kudaes / Eclipse

  View on GitHub
  Activation Context Hijack
  ☆169Aug 3, 2025Updated 6 months ago
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated 11 months ago
• whokilleddb / funcshenanigans

  View on GitHub
  A bunch of shenanigans using functions, VEH and more
  ☆37Jun 8, 2025Updated 8 months ago
• zeze-zeze / HITCON-2023-Demo-CVE-2023-20562

  View on GitHub
  ☆61Aug 21, 2023Updated 2 years ago
• xaitax / NTSleuth

  View on GitHub
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆161Aug 30, 2025Updated 5 months ago
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• Wh04m1001 / GamingServiceEoP

  View on GitHub
  ☆150Mar 22, 2024Updated last year
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆170Jun 17, 2024Updated last year
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆635May 8, 2025Updated 9 months ago
• mandiant / msi-search

  View on GitHub
  ☆290Jul 20, 2023Updated 2 years ago
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆198Jun 17, 2025Updated 7 months ago
• CICADA8-Research / TypeLibWalker

  View on GitHub
  TypeLib persistence technique
  ☆139Oct 22, 2024Updated last year
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆249Jun 11, 2024Updated last year
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆534May 9, 2025Updated 9 months ago
• 0xsp-SRD / MDE_Enum

  View on GitHub
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆212Jun 10, 2024Updated last year
• daem0nc0re / VectorKernel

  View on GitHub
  PoCs for Kernelmode rootkit techniques research.
  ☆429Nov 4, 2025Updated 3 months ago
• mansk1es / CVE-2024-21111

  View on GitHub
  Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
  ☆217May 9, 2024Updated last year
• PeterGabaldon / CVE-2024-7479_CVE-2024-7481

  View on GitHub
  TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.
  ☆136Dec 22, 2024Updated last year
• zeze-zeze / ioctlance

  View on GitHub
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆436Dec 7, 2025Updated 2 months ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆231Feb 12, 2025Updated last year
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆106Aug 21, 2024Updated last year
• warpnet / MS-RPC-Fuzzer

  View on GitHub
  Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…
  ☆325Oct 20, 2025Updated 3 months ago
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆297Apr 18, 2025Updated 9 months ago
• tykawaii98 / CVE-2024-30088

  View on GitHub
  ☆282Jul 31, 2024Updated last year
• ColeHouston / Sunder

  View on GitHub
  Windows rootkit designed to work with BYOVD exploits
  ☆214Jan 18, 2025Updated last year
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆772Jan 26, 2026Updated 2 weeks ago