NamedPipeMaster is a versatile tool for analyzing and monitoring in named pipes.
It includes Ring3NamedPipeConsumer for direct server interaction, Ring3NamedPipeMonitor for DLL-based API hooking and data collection, and Ring0NamedPipeFilter for comprehensive system-wide monitoring.
The tool supports proactive and passive interactions, collects detailed communication data, and features a filter for specific event searches.
Put Ring3NamedPipeConsumer.exe, Ring3NamedPipeMonitor.dll, and Ring0NamedPipeFilter.sys in the same directory and run Ring3NamedPipeConsumer.exe.
Watch the demo video to understand the detailed usage. Please ensure that code integrity is disabled to use the features of the minifilter driver.
> Ring3NamedPipeConsumer.exe
[1] dump database
[2] start monitor mode
[3] clear database
[4] get database info
[5] filter
[6] inject dll
[7] NamedPipePoker
[8] NamedPipeProxyPoker
[9] NamedPipePoked
[10] help
[11] exit and clean up
NPM-CLI> 10
[1] dump database: print all monitored events in the database
[2] start monitor mode: keep monitoring named pipe activities until enter is pressed
[3] clear database: clear the database
[4] get database info: get some statistics
[5] filter: get the specified named pipe events
[6] inject dll: inject Ring3NamedPipeMonitor.dll into a process
[7] NamedPipePoker: directly interact with a named pipe server
[8] NamedPipeProxyPoker: inject Ring3NamedPipeMonitor.dll into a process as a proxy to interact with the target named pipe server
[9] NamedPipePoked: act as a named pipe server to be connected by other clients
[10] help: print this detail usage
[11] exit and clean up: terminate this process and unload the driver
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…