{"id":35694062,"url":"https://github.com/cyberark/PipeViewer","last_synced_at":"2026-01-11T20:00:37.150Z","repository":{"id":65683167,"uuid":"581159351","full_name":"cyberark/PipeViewer","owner":"cyberark","description":"A tool that shows detailed information about named pipes in Windows","archived":false,"fork":false,"pushed_at":"2024-11-15T09:55:35.000Z","size":17926,"stargazers_count":644,"open_issues_count":2,"forks_count":55,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-05-30T18:19:48.573Z","etag":null,"topics":["blueteam","cybersecurity","namedpipe","namedpipes","redteam","redteam-tools","research-tool","windows"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cyberark.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-12-22T12:35:34.000Z","updated_at":"2025-05-25T02:05:30.000Z","dependencies_parsed_at":"2024-06-16T12:47:12.304Z","dependency_job_id":"8da178b8-b0f2-4c71-b302-48b86afe1218","html_url":"https://github.com/cyberark/PipeViewer","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/cyberark/PipeViewer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2FPipeViewer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2FPipeViewer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2FPipeViewer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2FPipeViewer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cyberark","download_url":"https://codeload.github.com/cyberark/PipeViewer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2FPipeViewer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28321263,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-11T18:42:50.174Z","status":"ssl_error","status_checked_at":"2026-01-11T18:39:13.842Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blueteam","cybersecurity","namedpipe","namedpipes","redteam","redteam-tools","research-tool","windows"],"created_at":"2026-01-06T00:00:57.133Z","updated_at":"2026-01-11T20:00:37.136Z","avatar_url":"https://github.com/cyberark.png","language":"C#","readme":"[![GitHub release][release-img]][release]\n[![License][license-img]][license]\n![Downloads][download]\n\n\u003cimg src=\"https://github.com/cyberark/PipeViewer/blob/assets/pipeviewer_logo.png\" width=\"260\"\u003e   \nA GUI tool for viewing Windows Named Pipes and searching for insecure permissions.  \n\nThe tool was published as part of a research about Docker named pipes:   \n[\"Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1\"](https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-1)   \n[\"Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 2\"](https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-2)   \n\n## Overview\nPipeViewer is a GUI tool that allows users to view details about Windows Named pipes and their permissions. It is designed to be useful for security researchers who are interested in searching for named pipes with weak permissions or testing the security of named pipes. With PipeViewer, users can easily view and analyze information about named pipes on their systems, helping them to identify potential security vulnerabilities and take appropriate steps to secure their systems.\n\n## Usage\n\nDouble-click the EXE binary and you will get the list of all named pipes.   \n\n## Build\nBuild the PipeViewer project using Visual Studio or the command line. Here's how:\n### Using Visual Studio\nOpen `PipeViewer.sln` in Visual Studio.\nNavigate to Build \u003e Batch Build \u003e Select \"Release\" for PipeViewer and click `Build`.\n### Using Command Line\nOpen a Command Prompt and navigate to your project directory.\n   ```bash\n   cd path\\to\\PipeViewer\n   msbuild PipeViewer.sln /p:Configuration=Release /p:Platform=\"Any CPU\"\n  ```\n- Make sure that MSBuild is added to your system's PATH or provide the full path to the MSBuild executable.\n \nThe executable will be created in: 'C:\\path\\to\\PipeViewer\\PipeViewer\\bin\\Release'.\n\nWhen downloading it from GitHub you might get error of block files, you can use PowerShell to unblock them:  \n```powershell\nGet-ChildItem -Path 'D:\\tmp\\PipeViewer-main' -Recurse | Unblock-File\n```\n\n## Warning  \nWe built the project and uploaded it so you can find it in the releases.  \nOne problem is that the binary will trigger alerts from Windows Defender because it uses the NtObjerManager package which is flagged as virus.  \nNote that James Forshaw talked about it [here](https://youtu.be/At-SWQyp-DY?t=1652).  \nWe can't change it because we depend on third-party DLL.  \n\n## Features\n* A detailed overview of named pipes.\n* Filter\\highlight rows based on cells.\n* Bold specific rows.\n* Export\\Import to\\from JSON.\n* PipeChat - create a connection with available named pipes.\n\n## Demo  \nhttps://user-images.githubusercontent.com/11998736/215425682-c5219395-16ea-42e9-8d1e-a636771b5ba2.mp4\n\n## Credit\nWe want to thank James Forshaw ([@tyranid](https://github.com/tyranid)) for creating the open source [NtApiDotNet](https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools/tree/main/NtApiDotNet) which allowed us to get information about named pipes.  \n\n## License\nCopyright (c) 2023 CyberArk Software Ltd. All rights reserved  \nThis repository is licensed under  Apache-2.0 License - see [`LICENSE`](LICENSE) for more details.\n\n## ❤️ Showcase \n  * Presented at Insomnihack 2023 [\"Breaking Docker's Named Pipes SYSTEMatically\"](https://www.youtube.com/watch?v=03z6o_YOw8M)\n  * Presented at TyphoonCon 2023 [\"Breaking Docker's Named Pipes SYSTEMatically\"](https://typhooncon.com/breaking-dockers-pipes/)\n  * A case study by Nir Chako while using Pipeviewer [\"Piping Hot Fortinet VCulnerabilities\"](https://pentera.io/resources/research/two-zero-days-forticlient-vpn-2024/)   \n\n## References\nFor more comments, suggestions or questions, you can contact Eviatar Gerzi ([@g3rzi](https://twitter.com/g3rzi)) and CyberArk Labs.\n\n[release-img]: https://img.shields.io/github/release/cyberark/PipeViewer.svg\n[release]: https://github.com/cyberark/PipeViewer/releases\n\n[license-img]: https://img.shields.io/github/license/cyberark/PipeViewer.svg\n[license]: https://github.com/cyberark/PipeViewer/blob/master/LICENSE\n\n[download]: https://img.shields.io/github/downloads/cyberark/PipeViewer/total?logo=github\n","funding_links":[],"categories":["Tools"],"sub_categories":["Windows"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyberark%2FPipeViewer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcyberark%2FPipeViewer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyberark%2FPipeViewer/lists"}