Alternatives and similar repositories for shed:

Users that are interested in shed are comparing it to the libraries listed below

• enkomio / sacara
  Sacara VM
  ☆122Updated 5 years ago
• tandasat / DotNetHooking
  Sample use cases of the .NET native code hooking technique
  ☆208Updated 7 years ago
• endgameinc / ClrGuard
  ☆213Updated 6 years ago
• jonatan1024 / clrinject
  Injects C# EXE or DLL Assembly into every CLR runtime and AppDomain of another process.
  ☆230Updated 6 years ago
• CyberPoint / Ruxcon2016ETW
  Ruxcon2016 POC Code
  ☆137Updated 8 years ago
• enkomio / Sojobo
  A binary analysis framework
  ☆132Updated 4 years ago
• malcomvetter / ManagedInjection
  A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge
  ☆162Updated 6 years ago
• enkomio / RunDotNetDll
  A simple utility to list all methods of a given .NET Assembly and to invoke them
  ☆73Updated 3 years ago
• justinstenning / SharpDisasm
  SharpDisasm - x86 / x86-64 disassembler for .NET
  ☆216Updated 5 years ago
• enkomio / Anathema
  .NET instrumentation framework
  ☆72Updated 7 years ago
• kevingosse / windbg-extensions
  Extensions for the new WinDbg
  ☆97Updated last year
• goldshtn / etrace
  Command-line tool for ETW tracing on files and real-time events
  ☆145Updated 5 years ago
• zodiacon / CLRExplorer
  Explore .NET Processes and Dump files
  ☆116Updated 4 years ago
• ustayready / CasperStager
  PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
  ☆148Updated 5 years ago
• wildcardc / cfxc-deobf
  A ConfuserEx-custom deobfuscation toolchain
  ☆51Updated 7 years ago
• zodiacon / DriverMon
  Monitor activity of any driver
  ☆334Updated 4 years ago
• OmerYa / Named-Pipe-Sniffer
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Updated 8 years ago
• djhohnstein / .NET-Profiler-DLL-Hijack
  Implementation of the .NET Profiler DLL hijack in C#
  ☆98Updated 6 years ago
• ChadSki / SharpNeedle
  Inject C# code into a running process
  ☆337Updated last year
• unknownv2 / CoreHook
  A library that simplifies intercepting application function calls using managed code and the .NET Core runtime
  ☆268Updated last year
• goldshtn / windbg-extensions
  Various extensions for WinDbg
  ☆170Updated 10 years ago
• microsoft / libyara.NET
  .NET wrapper for libyara built in C++ CLI used to easily incorporate yara into .NET projects
  ☆53Updated 6 months ago
• 0xd4d / JitDasm
  Disassemble jitted .NET methods
  ☆242Updated 4 years ago
• airbus-cert / dnYara
  A multi-platform .Net wrapper library for the native Yara library.
  ☆38Updated last year
• citronneur / detours.net
  Hook native API with C#
  ☆196Updated last year
• MagnetForensics / SwishDbgExt
  Incident Response & Digital Forensics Debugging Extension
  ☆375Updated 6 years ago
• pwndizzle / c-sharp-memory-injection
  A set of scripts that demonstrate how to perform memory injection in C#
  ☆310Updated 7 years ago
• securifybv / ShellLink
  A .NET Class Library for processing ShellLink (LNK) files
  ☆193Updated 3 years ago
• 0xbadjuju / WheresMyImplant
  A Bring Your Own Land Toolkit that Doubles as a WMI Provider
  ☆285Updated 6 years ago
• zodiacon / PEExplorer
  Portable Executable Explorer
  ☆155Updated 3 years ago