bohops/RogueAssemblyHunter external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bohops/RogueAssemblyHunter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bohops/RogueAssemblyHunter)

Close

bohops / RogueAssemblyHunterView on GitHubMore

• External links
• Readme badge

Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.

☆117Feb 9, 2022Updated 4 years ago

Alternatives and similar repositories for RogueAssemblyHunter

Users that are interested in RogueAssemblyHunter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆95Mar 8, 2023Updated 3 years ago
• klezVirus / DCKFinder

  View on GitHub
  Dangling COM Keys Finder
  ☆17Nov 16, 2021Updated 4 years ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• Cerbersec / Ares

  View on GitHub
  Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique
  ☆337Jan 16, 2022Updated 4 years ago
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆222Nov 5, 2021Updated 4 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• airbus-cert / Invoke-Bof

  View on GitHub
  Load any Beacon Object File using Powershell!
  ☆262Dec 9, 2021Updated 4 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• jfmaes / AmsiHooker

  View on GitHub
  Hookers are cooler than patches.
  ☆170Jan 21, 2022Updated 4 years ago
• mitchmoser / LACheck

  View on GitHub
  ☆93Aug 23, 2021Updated 4 years ago
• trickster0 / LdrLoadDll-Unhooking

  View on GitHub
  LdrLoadDll Unhooking
  ☆134Jan 16, 2022Updated 4 years ago
• rasta-mouse / AsyncSockets

  View on GitHub
  Example of async client/server sockets in .NET 5
  ☆17Jun 9, 2021Updated 4 years ago
• connormcgarr / tgtdelegation

  View on GitHub
  tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
  ☆178Nov 26, 2021Updated 4 years ago
• rasta-mouse / Rosplant

  View on GitHub
  ☆53Sep 16, 2021Updated 4 years ago
• Dump-GUY / Get-PDInvokeImports

  View on GitHub
  Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…
  ☆54Apr 10, 2022Updated 4 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• mdsecactivebreach / ParallelSyscalls

  View on GitHub
  ☆170Jan 7, 2022Updated 4 years ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Apr 4, 2026Updated last week
• nccgroup / DetectWindowsCopyOnWriteForAPI

  View on GitHub
  Enumerate various traits from Windows processes as an aid to threat hunting
  ☆201Jan 13, 2022Updated 4 years ago
• paranoidninja / Process-Instrumentation-Syscall-Hook

  View on GitHub
  A simple program to hook the current process to identify the manual syscall executions on windows
  ☆267Nov 18, 2022Updated 3 years ago
• alfarom256 / StinkyLoader

  View on GitHub
  It stinks
  ☆103Apr 22, 2022Updated 3 years ago
• HuskyHacks / the-crown-defcon615

  View on GitHub
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆46Jan 23, 2022Updated 4 years ago
• connormcgarr / cThreadHijack

  View on GitHub
  Beacon Object File (BOF) for remote process injection via thread hijacking
  ☆221Jan 13, 2021Updated 5 years ago
• nettitude / MalSCCM

  View on GitHub
  ☆254Sep 28, 2023Updated 2 years ago
• Cracked5pider / KaynLdr

  View on GitHub
  KaynLdr is a Reflective Loader written in C/ASM
  ☆552Dec 3, 2023Updated 2 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• Yaxser / COFFLoader2

  View on GitHub
  Load and execute COFF files and Cobalt Strike BOFs in-memory
  ☆225Sep 13, 2022Updated 3 years ago
• RedSiege / CIMplant

  View on GitHub
  C# port of WMImplant which uses either CIM or WMI to query remote systems
  ☆203Jul 14, 2021Updated 4 years ago
• GetRektBoy724 / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker
  ☆409Feb 18, 2022Updated 4 years ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145May 18, 2024Updated last year
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆283Sep 18, 2021Updated 4 years ago
• EspressoCake / DLL-Exports-Extraction-BOF

  View on GitHub
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆90Nov 5, 2021Updated 4 years ago
• bats3c / EvtMute

  View on GitHub
  Apply a filter to the events being reported by windows event logging
  ☆264Apr 24, 2021Updated 4 years ago
• diversenok / NtTools

  View on GitHub
  Some random system tools for Windows
  ☆115Apr 16, 2022Updated 3 years ago
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆338Sep 11, 2021Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• codewhitesec / SysmonEnte

  View on GitHub
  ☆78Oct 18, 2022Updated 3 years ago
• MartinIngesen / TokenStomp

  View on GitHub
  C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
  ☆144Feb 23, 2022Updated 4 years ago
• NUL0x4C / ManualRsrcDataFetching

  View on GitHub
  Get your data from the resource section manually, with no need for windows apis
  ☆67Oct 22, 2024Updated last year
• CCob / MirrorDump

  View on GitHub
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆270Mar 18, 2021Updated 5 years ago
• EspressoCake / Toggle_Token_Privileges_BOF

  View on GitHub
  Syscall BOF to arbitrarily add/detract process token privilege rights.
  ☆61Jul 10, 2024Updated last year
• Mr-Un1k0d3r / WindowsDllsExport

  View on GitHub
  A list of all the DLLs export in C:\windows\system32\
  ☆222Dec 22, 2021Updated 4 years ago
• Soledge / BlockEtw

  View on GitHub
  .Net Assembly to block ETW telemetry in current process
  ☆81May 14, 2020Updated 5 years ago