Ophir leads the security research team in Akamai's Enterprise Security Group. Stiv Kupchik is a Security Researcher Team Lead at Akamai. His research projects revolve around OS internals, vulnerability research, and malware analysis. He has presented his research at conferences such as Black Hat, Hexacon, and 44CON. In addition to being a cybersecurity professional, Stiv also has a BSc in physics. Remote Procedure Calls (RPC) are one of the most widespread protocols in use today. It allows for inter-process communication, both on a single host and across the network, and serves as a critical building block for countless applications and services. For the sake of this guide, we’ll be referring to MSRPC as we discuss RPC, given the focus of our work. \r\n The RPC filter is a mechanism in Windows that enables controlling and limiting RPC traffic, as well as limiting the creation of RPC endpoints. It is implemented by the Windows Filtering Platform (WFP) and is exposed through the netsh command-line utility.…