Offensive Windows IPC Internals 3: ALPC · csandker.io
injection-1/alpc.cpp at master · sbousseaden/injection-1 · GitHub
Performance monitoring
ALPC monitoring - Reverse engineering & exploit development - Romanian Security Team
Offensive Windows IPC Internals 3: ALPC · csandker.io
Project Zero: Calling Local Windows RPC Servers from .NET
New Attacks to Disable and Bypass Windows Management Instrumentation [LABSCon Edition]
3 Ways to Get a COM Server Process ID | Apriorit
Offensive Windows IPC Internals 3: ALPC · csandker.io
New Attacks to Disable and Bypass Windows Management Instrumentation [LABSCon Edition]
Follow the Link: Exploiting Symbolic Links with Ease
PDF) WINDOWS PRIVILEGE ESCALATION THROUGH LPC AND ALPC INTERFACES | Thomas Garnier - Academia.edu
Offensive Windows IPC Internals 3: ALPC · csandker.io
Monitoring Windows Console Activity (Part 1) | Mandiant
c# - NtOpenSymbolicLinkObject doesn't succeed to get symbolic link handle - Stack Overflow
Project Zero: Down the Rabbit-Hole...
Alex Ionescu on Twitter: "@lordx64 @stvemillertime It's “\Windows\ApiPort” an ALPC port owned business CSRSS. Since NT strings are not null-terminated, you're seeing the reuse of a buffer that contains “SharedSection”." / Twitter
raf/README.md at master · bnagy/raf · GitHub
Rouault imbert alpc_rpc_pacsec
Debugging LPCs with WinDbg | Machines Can Think
Debugging LPCs with WinDbg | Machines Can Think
Offensive Windows IPC Internals 3: ALPC · csandker.io
UWP Localhost Network Isolation and Edge - Malware Analysis - Malware Analysis, News and Indicators