Alternatives and similar repositories for shed:

Users that are interested in shed are comparing it to the libraries listed below

• jonatan1024 / clrinject
  Injects C# EXE or DLL Assembly into every CLR runtime and AppDomain of another process.
  ☆230Updated 6 years ago
• enkomio / RunDotNetDll
  A simple utility to list all methods of a given .NET Assembly and to invoke them
  ☆73Updated 3 years ago
• malcomvetter / ManagedInjection
  A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge
  ☆162Updated 6 years ago
• tandasat / DotNetHooking
  Sample use cases of the .NET native code hooking technique
  ☆210Updated 7 years ago
• endgameinc / ClrGuard
  ☆216Updated 7 years ago
• enkomio / sacara
  Sacara VM
  ☆122Updated 5 years ago
• enkomio / Anathema
  .NET instrumentation framework
  ☆72Updated 7 years ago
• justinstenning / SharpDisasm
  SharpDisasm - x86 / x86-64 disassembler for .NET
  ☆218Updated 5 years ago
• goldshtn / etrace
  Command-line tool for ETW tracing on files and real-time events
  ☆145Updated 6 years ago
• wildcardc / cfxc-deobf
  A ConfuserEx-custom deobfuscation toolchain
  ☆51Updated 7 years ago
• ChadSki / SharpNeedle
  Inject C# code into a running process
  ☆336Updated last year
• CyberPoint / Ruxcon2016ETW
  Ruxcon2016 POC Code
  ☆139Updated 8 years ago
• kevingosse / windbg-extensions
  Extensions for the new WinDbg
  ☆99Updated last year
• citronneur / detours.net
  Hook native API with C#
  ☆196Updated last year
• zodiacon / WinDbgX
  An attempt to create a friendly version of WinDbg
  ☆103Updated 6 years ago
• OmerYa / Named-Pipe-Sniffer
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Updated 8 years ago
• securifybv / ShellLink
  A .NET Class Library for processing ShellLink (LNK) files
  ☆195Updated 3 years ago
• zodiacon / DriverMon
  Monitor activity of any driver
  ☆334Updated 4 years ago
• 0xd4d / antinet
  .NET anti-managed debugger and anti-profiler code
  ☆298Updated 11 years ago
• ustayready / CasperStager
  PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
  ☆150Updated 5 years ago
• unknownv2 / CoreHook
  A library that simplifies intercepting application function calls using managed code and the .NET Core runtime
  ☆273Updated last year
• ioncodes / dnpatch
  .NET Patcher library using dnlib
  ☆318Updated 4 years ago
• airbus-cert / dnYara
  A multi-platform .Net wrapper library for the native Yara library.
  ☆38Updated last year
• zodiacon / PEExplorer
  Portable Executable Explorer
  ☆156Updated 4 years ago
• microsoft / libyara.NET
  .NET wrapper for libyara built in C++ CLI used to easily incorporate yara into .NET projects
  ☆54Updated 8 months ago
• pwndizzle / c-sharp-memory-injection
  A set of scripts that demonstrate how to perform memory injection in C#
  ☆313Updated 7 years ago
• dxflatline / flatpipes
  A TCP proxy over named pipes. Originally created for maintaining a meterpreter session over 445 for less network alarms.
  ☆241Updated 3 years ago
• 0xd4d / JitDasm
  Disassemble jitted .NET methods
  ☆242Updated 4 years ago
• WalkingCat / SymDiff
  Diff tool for comparing symbols in PDB files
  ☆82Updated 5 years ago
• AviAvni / NativeLeakDetector
  Win32 memory leak detector with ETW
  ☆41Updated 7 years ago