NamedPipeMaster is a versatile tool for analyzing and monitoring in named pipes.
It includes Ring3NamedPipeConsumer for direct server interaction, Ring3NamedPipeMonitor for DLL-based API hooking and data collection, and Ring0NamedPipeFilter for comprehensive system-wide monitoring.
The tool supports proactive and passive interactions, collects detailed communication data, and features a filter for specific event searches.
Put Ring3NamedPipeConsumer.exe, Ring3NamedPipeMonitor.dll, and Ring0NamedPipeFilter.sys in the same directory and run Ring3NamedPipeConsumer.exe.
Watch the demo video to understand the detailed usage. Please ensure that code integrity is disabled to use the features of the minifilter driver.
> Ring3NamedPipeConsumer.exe
[1] dump database
[2] start monitor mode
[3] clear database
[4] get database info
[5] filter
[6] inject dll
[7] NamedPipePoker
[8] NamedPipeProxyPoker
[9] NamedPipePoked
[10] help
[11] exit and clean up
NPM-CLI> 10
[1] dump database: print all monitored events in the database
[2] start monitor mode: keep monitoring named pipe activities until enter is pressed
[3] clear database: clear the database
[4] get database info: get some statistics
[5] filter: get the specified named pipe events
[6] inject dll: inject Ring3NamedPipeMonitor.dll into a process
[7] NamedPipePoker: directly interact with a named pipe server
[8] NamedPipeProxyPoker: inject Ring3NamedPipeMonitor.dll into a process as a proxy to interact with the target named pipe server
[9] NamedPipePoked: act as a named pipe server to be connected by other clients
[10] help: print this detail usage
[11] exit and clean up: terminate this process and unload the driver
This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out…
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks…
Discover your application security risks and vulnerabilities in only a few minutes. In this guide…
The idea behind waymore is to find even more links from the Wayback Machine than…
The Pycript extension for Burp Suite is a valuable tool for penetration testing and security…
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and…