This repo hosts a poc of how to execute F# code within an unmanaged process
☆70Jun 25, 2024Updated last year
Alternatives and similar repositories for What-The-F
Users that are interested in What-The-F are comparing it to the libraries listed below
Sorting:
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- C# version of MDSec's ParallelSyscalls☆141Jan 9, 2022Updated 4 years ago
- ☆53Nov 11, 2021Updated 4 years ago
- ☆25Jul 7, 2022Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆429Jul 22, 2022Updated 3 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- Create file system symbolic links from low privileged user accounts within PowerShell☆95Jun 20, 2022Updated 3 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆203Jul 14, 2021Updated 4 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆100Jan 18, 2022Updated 4 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆193Nov 15, 2022Updated 3 years ago
- ☆81Feb 12, 2022Updated 4 years ago
- POC for .NET mssql client for accessing database data through beacon☆64Sep 12, 2023Updated 2 years ago
- D/Invoke implementation in Nim☆100Jun 8, 2022Updated 3 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago