defcon27_csharp_workshop
PipeViewer
defcon27_csharp_workshop | PipeViewer | |
---|---|---|
1 | 7 | |
952 | 530 | |
- | 1.1% | |
10.0 | 7.3 | |
about 2 years ago | 9 months ago | |
C# | C# | |
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
defcon27_csharp_workshop
PipeViewer
- 🔥 PipeViewer: A new tool for viewing Windows Named Pipes and searching for insecure permissions. 🔥
-
Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)
Eviatar also put his new tool PipeViewer up on github as well. https://github.com/cyberark/PipeViewer
What are some alternatives?
frostbyte - FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
ETWProcessMon2 - ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
PoshC2 - A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
ImpulsiveDLLHijack - C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
LocalAdminSharp - .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
KRBUACBypass - UAC Bypass By Abusing Kerberos Tickets
Sandman - Sandman is a NTP based backdoor for red team engagements in hardened networks.
CIMplant - C# port of WMImplant which uses either CIM or WMI to query remote systems
DPAPISnoop - A C# tool to output crackable DPAPI hashes from user MasterKeys