Alternatives and similar repositories for NamedPipeMaster

Users that are interested in NamedPipeMaster are comparing it to the libraries listed below

• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆199Updated 2 months ago
• zeze-zeze / CYBERSEC2023-BYOVD-Demo
  ☆29Updated last year
• ucsb-seclab / popkorn-artifact
  ☆69Updated 2 years ago
• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆117Updated last month
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆78Updated this week
• gabriellandau / ItsNotASecurityBoundary
  ☆169Updated 10 months ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆116Updated 10 months ago
• exploits-forsale / prefetch-tool
  Windows KASLR bypass using prefetch side-channel
  ☆100Updated last year
• zeze-zeze / 2023iThome
  ☆33Updated 6 months ago
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆203Updated last month
• Friends-Security / RedirectThread
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆159Updated 3 weeks ago
• MrAle98 / CVE-2025-21333-POC
  POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY
  ☆193Updated last month
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆227Updated 2 years ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆118Updated 2 years ago
• 0vercl0k / snapshot
  WinDbg extension written in Rust to dump the CPU / memory state of a running VM
  ☆117Updated 3 weeks ago
• zeze-zeze / WindowsKernelVuln
  ☆53Updated 2 years ago
• NetSPI / BOF-PE
  An example reference design for a proposed BOF PE
  ☆168Updated last month
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆92Updated 2 years ago
• SafeBreach-Labs / Back2TheFuture
  Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…
  ☆186Updated 3 years ago
• jdu2600 / Etw-SyscallMonitor
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆79Updated 2 years ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated last year
• janoglezcampos / llvm-yx-callobfuscator
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆289Updated last year
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆22Updated last year
• hasherezade / waiting_thread_hijacking
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆216Updated last week
• ommadawn46 / HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2
  HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
  ☆52Updated last month
• lem0nSec / CreateRemoteThreadPlus
  CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.
  ☆133Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 5 months ago
• hasherezade / thread_namecalling
  Process Injection using Thread Name
  ☆272Updated last month
• fortra / CVE-2022-37969
  Windows LPE exploit for CVE-2022-37969
  ☆134Updated last year
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆88Updated 3 years ago