Skills
.Work. You
Rest

winrt-interface-analysis

Community

Map WinRT attack surface by privilege context.

Software Engineering#security#interfaces#audit#analysis#windows#privilege#winrt
Authormarcosd4h
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Analyze WinRT server interfaces in Windows binaries using ground-truth extraction data across four access contexts (caller integrity level x server privilege). The data maps binaries to WinRT activation classes, interface methods, pseudo-IDL definitions, trust levels, SDDL permissions, server identities, and activation types to enable privilege-boundary risk assessment.

Core Features & Use Cases

  • Enumerate WinRT classes and interfaces in a module

  • Rank the WinRT attack surface by privilege-boundary risk

  • Find privilege escalation targets (SYSTEM/privileged servers reachable from various caller IL contexts)

  • Classify WinRT entry points by semantic category

  • Audit WinRT server security (SDDL, identities, activation types)

  • Confirm decompiled functions are WinRT entry points and inspect pseudo-IDL definitions

Quick Start

List all WinRT servers for a module by running the provided script with the module's DLL.

Dependency Matrix

Required Modules

None required

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: winrt-interface-analysis
Download link: https://github.com/marcosd4h/DeepExtractRuntime/archive/main.zip#winrt-interface-analysis

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.