☆112Jul 24, 2023Updated 2 years ago
Alternatives and similar repositories for brown-bags
Users that are interested in brown-bags are comparing it to the libraries listed below
Sorting:
- AmsiScanBufferBypass using D/Invoke☆136Jun 17, 2021Updated 4 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆194Jul 9, 2021Updated 4 years ago
- Managed code hooking template.☆108Feb 15, 2021Updated 5 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆173May 5, 2021Updated 4 years ago
- Project to check which Nt/Zw functions your local EDR is hooking☆200Mar 21, 2021Updated 4 years ago
- C# version of MDSec's ParallelSyscalls☆141Jan 9, 2022Updated 4 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Using syscall to load shellcode, Evasion techniques☆27Jul 18, 2021Updated 4 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆429Jul 22, 2022Updated 3 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- ☆53Sep 16, 2021Updated 4 years ago
- Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.☆772Dec 21, 2022Updated 3 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆108Mar 8, 2023Updated 2 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆232Jun 10, 2022Updated 3 years ago
- ☆26May 22, 2021Updated 4 years ago
- works but not work, cao!☆24Sep 4, 2021Updated 4 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆611Feb 16, 2023Updated 3 years ago
- MiniDumpWriteDump behavior modification hook☆50Feb 15, 2021Updated 5 years ago
- ☆415Apr 28, 2021Updated 4 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- C# Based Universal API Unhooker☆411Feb 18, 2022Updated 4 years ago
- UI for creating LNKs☆106Jun 16, 2021Updated 4 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- A port of FuzzySecurity's UrbanBishop project for inline shellcode execution☆118Sep 29, 2020Updated 5 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆59Nov 21, 2024Updated last year
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆108Jul 26, 2024Updated last year
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 2 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- Bypassing AppLocker with C#☆144Jul 7, 2021Updated 4 years ago
- A quick example of the Hells Gate technique in Nim☆94Aug 11, 2021Updated 4 years ago
- Nim version of MDSec's Parallel Syscall PoC☆123Jan 14, 2022Updated 4 years ago
- nuke that event log using some epic dinvoke fu☆118May 12, 2021Updated 4 years ago