Alternatives and similar repositories for DNCI

Users that are interested in DNCI are comparing it to the libraries listed below

• jfmaes / TrustJack

  View on GitHub
  Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows
  ☆143Jul 11, 2020Updated 5 years ago
• med0x2e / NoAmci

  View on GitHub
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆218Mar 5, 2020Updated 5 years ago
• Mr-B0b / SpaceRunner

  View on GitHub
  This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…
  ☆196Jul 26, 2020Updated 5 years ago
• offsecginger / AES-PowerShellCode

  View on GitHub
  Standalone version of my AES Powershell payload for Cobalt Strike.
  ☆111Dec 27, 2019Updated 6 years ago
• mdsecactivebreach / Execute-GithubAssembly-Aggressor

  View on GitHub
  Aggressor Script to Execute Assemblies from Github
  ☆71Nov 30, 2020Updated 5 years ago
• checkymander / Zolom

  View on GitHub
  C# Executable with embedded Python that can be used reflectively to run python code on systems without Python installed
  ☆244Aug 12, 2020Updated 5 years ago
• 0r13lc0ch4v1 / HideFromAMSI

  View on GitHub
  Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
  ☆31Feb 22, 2020Updated 5 years ago
• rasta-mouse / TikiTorch

  View on GitHub
  Process Injection
  ☆766Oct 24, 2021Updated 4 years ago
• b4rtik / RedPeanut

  View on GitHub
  RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
  ☆330Jul 7, 2023Updated 2 years ago
• rasta-mouse / AsyncNamedPipes

  View on GitHub
  Send and receive messages over Named Pipes asynchronously.
  ☆39Sep 17, 2021Updated 4 years ago
• ionescu007 / faxhell

  View on GitHub
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆330May 3, 2020Updated 5 years ago
• Ridter / SharpAddDomainMachine

  View on GitHub
  SharpAddDomainMachine
  ☆69Oct 12, 2021Updated 4 years ago
• rxwx / cs-rdll-ipc-example

  View on GitHub
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆121Jun 24, 2020Updated 5 years ago
• mez-0 / MoveScheduler

  View on GitHub
  .NET 4.0 Scheduled Job Lateral Movement
  ☆90Aug 25, 2020Updated 5 years ago
• BC-SECURITY / Invoke-PrintDemon

  View on GitHub
  This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.
  ☆202Oct 17, 2020Updated 5 years ago
• hessandrew / CVE-2020-9442

  View on GitHub
  OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation
  ☆26Feb 28, 2020Updated 5 years ago
• outflanknl / SharpHide

  View on GitHub
  Tool to create hidden registry keys.
  ☆491Oct 23, 2019Updated 6 years ago
• two06 / AMSI_Handler

  View on GitHub
  Automate AV evasion by calling AMSI
  ☆88May 31, 2023Updated 2 years ago
• leoloobeek / COMRunner

  View on GitHub
  A simple COM server which provides a component to run shellcode
  ☆149May 12, 2020Updated 5 years ago
• Soledge / BlockEtw

  View on GitHub
  .Net Assembly to block ETW telemetry in current process
  ☆81May 14, 2020Updated 5 years ago
• matterpreter / SHAPESHIFTER

  View on GitHub
  Companion PoC for the "Adventures in Dynamic Evasion" blog post
  ☆130May 25, 2021Updated 4 years ago
• rasta-mouse / EWSToolkit

  View on GitHub
  Abusing Exchange via EWS
  ☆152Sep 14, 2020Updated 5 years ago
• outflanknl / Ps-Tools

  View on GitHub
  Ps-Tools, an advanced process monitoring toolkit for offensive operations
  ☆355Dec 1, 2020Updated 5 years ago
• cobbr / SharpGen

  View on GitHub
  SharpGen is a .NET Core console application that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framework console applica…
  ☆301Apr 23, 2021Updated 4 years ago
• djhohnstein / ScatterBrain

  View on GitHub
  Suite of Shellcode Running Utilities
  ☆114Jan 30, 2020Updated 6 years ago
• shantanu561993 / SharpChisel

  View on GitHub
  C# Wrapper around Chisel from https://github.com/jpillora/chisel
  ☆160Feb 25, 2023Updated 2 years ago
• BinaryScary / NET-Obfuscate

  View on GitHub
  Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
  ☆240Jun 9, 2023Updated 2 years ago
• mez-0 / CSharpWinRM

  View on GitHub
  .NET 4.0 WinRM API Command Execution
  ☆166Sep 11, 2020Updated 5 years ago
• fox-it / LDAPFragger

  View on GitHub
  ☆198Mar 19, 2020Updated 5 years ago
• cwolff411 / powerob

  View on GitHub
  An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.
  ☆143Oct 28, 2021Updated 4 years ago
• Accenture / CLRvoyance

  View on GitHub
  Managed assembly shellcode generation
  ☆280Mar 19, 2021Updated 4 years ago
• infosecn1nja / SharpDoor

  View on GitHub
  SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file.
  ☆313Sep 30, 2019Updated 6 years ago
• CCob / goreflect

  View on GitHub
  Reflective DLL loading of your favorite Golang program
  ☆173Jan 27, 2020Updated 6 years ago
• deadjakk / Reg1c1de

  View on GitHub
  Registry permission scanner written in C# for finding potential privesc avenues within registry
  ☆86Mar 9, 2021Updated 4 years ago
• anthemtotheego / SharpCradle

  View on GitHub
  ☆281Dec 30, 2020Updated 5 years ago
• bohops / GhostBuild

  View on GitHub
  GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
  ☆251Sep 26, 2020Updated 5 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• rasta-mouse / Fork-n-Run

  View on GitHub
  ☆73Oct 24, 2021Updated 4 years ago
• felamos / weirdhta

  View on GitHub
  A tool to create obfuscated HTA script.
  ☆178Jul 2, 2021Updated 4 years ago