Use CLR to inject all the .NET apps
☆184Apr 17, 2021Updated 4 years ago
Alternatives and similar repositories for CLR-Injection
Users that are interested in CLR-Injection are comparing it to the libraries listed below
Sorting:
- A cobaltstrike script that integrates DDEAuto Attacks☆63Oct 17, 2017Updated 8 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆290Aug 7, 2020Updated 5 years ago
- A C# implementation of the PowerShell Empire Agent☆74Apr 22, 2019Updated 6 years ago
- ☆281Dec 30, 2020Updated 5 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,128Feb 10, 2021Updated 5 years ago
- ☆54Aug 13, 2018Updated 7 years ago
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆398Apr 22, 2018Updated 7 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆162Apr 11, 2017Updated 8 years ago
- A set of demos and a PowerShell module to interact with DotNetInterop.☆69Apr 7, 2018Updated 7 years ago
- A command shell wrapper using only WMI for Microsoft Windows☆334Jun 24, 2017Updated 8 years ago
- This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows O…☆300May 5, 2016Updated 9 years ago
- (Small change to make it easier to test the payload and combine it with SILENTTRINITY.)A tool for generating .NET serialized gadgets that…☆43Mar 2, 2020Updated 5 years ago
- CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability☆332Dec 30, 2018Updated 7 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Apr 9, 2019Updated 6 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆139Aug 3, 2017Updated 8 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- MSBuildShell, a Powershell Host running within MSBuild.exe☆294Aug 2, 2019Updated 6 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,012Jul 3, 2018Updated 7 years ago
- C# code to run shellcode in a sneaky way☆93Oct 2, 2020Updated 5 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- ☆229May 10, 2018Updated 7 years ago
- Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell☆498Mar 15, 2023Updated 2 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Feb 27, 2025Updated last year
- CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege☆337Dec 23, 2021Updated 4 years ago
- SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 st…☆200Jan 23, 2020Updated 6 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- ☆12Apr 13, 2017Updated 8 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.☆66Oct 3, 2020Updated 5 years ago
- How To Execute Shellcode via HTA☆141Feb 23, 2018Updated 8 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆231May 30, 2019Updated 6 years ago
- Lateral Movement technique using DCOM and HTA☆235Oct 18, 2022Updated 3 years ago
- Use bitsadmin to maintain persistence and bypass Autoruns☆67Jul 18, 2017Updated 8 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆332May 3, 2020Updated 5 years ago
- Contains poc's and my research works☆31Feb 13, 2023Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago