This lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.
☆122Feb 21, 2025Updated last year
Alternatives and similar repositories for SharpShellPipe
Users that are interested in SharpShellPipe are comparing it to the libraries listed below
Sorting:
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.☆89Nov 9, 2023Updated 2 years ago
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆164Jan 4, 2024Updated 2 years ago
- Terminate AV/EDR leveraging BYOVD attack☆104Mar 21, 2025Updated 11 months ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆537May 9, 2025Updated 9 months ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆776Jan 26, 2026Updated last month
- Execute commands in other Sessions☆91Jul 29, 2024Updated last year
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- ☆341Nov 10, 2025Updated 3 months ago
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles☆201Jun 25, 2024Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- ☆245Sep 19, 2023Updated 2 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆351Aug 29, 2024Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆302Sep 7, 2023Updated 2 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 10 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Continuous password spraying tool☆201Dec 4, 2025Updated 2 months ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- C# havoc implant☆100Feb 12, 2023Updated 3 years ago
- I have documented all of the AMSI patches that I learned till now☆74Nov 4, 2025Updated 3 months ago
- Nemesis agent for Mythic☆28Dec 11, 2025Updated 2 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆503Dec 19, 2023Updated 2 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- ☆250Jul 31, 2024Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆211Mar 10, 2024Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Jan 14, 2024Updated 2 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- A more reliable way of resolving syscall numbers in Windows☆55Feb 12, 2024Updated 2 years ago
- Native Syscalls Shellcode Injector☆266Jul 2, 2023Updated 2 years ago
- RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++☆260Jun 14, 2023Updated 2 years ago