PipeViewer
defcon27_csharp_workshop
PipeViewer | defcon27_csharp_workshop | |
---|---|---|
7 | 1 | |
530 | 952 | |
1.1% | - | |
7.3 | 10.0 | |
9 months ago | about 2 years ago | |
C# | C# | |
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PipeViewer
- 🔥 PipeViewer: A new tool for viewing Windows Named Pipes and searching for insecure permissions. 🔥
-
Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)
Eviatar also put his new tool PipeViewer up on github as well. https://github.com/cyberark/PipeViewer
defcon27_csharp_workshop
What are some alternatives?
ETWProcessMon2 - ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
frostbyte - FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
ImpulsiveDLLHijack - C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
PoshC2 - A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
KRBUACBypass - UAC Bypass By Abusing Kerberos Tickets
LocalAdminSharp - .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
Sandman - Sandman is a NTP based backdoor for red team engagements in hardened networks.
DPAPISnoop - A C# tool to output crackable DPAPI hashes from user MasterKeys
CIMplant - C# port of WMImplant which uses either CIM or WMI to query remote systems