guibacellar / DNCI
DNCI - Dot Net Code Injector
☆144Updated 3 years ago
Related projects: ⓘ
- ☆119Updated this week
- A set of scripts that demonstrate how to perform memory injection in C#☆308Updated 6 years ago
- A manual system call library that supports functions from both ntdll.dll and win32u.dll☆107Updated last year
- .NET assembly local/remote loading/injection into memory.☆124Updated 5 years ago
- Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI☆229Updated last year
- Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…☆90Updated 5 years ago
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆83Updated 4 years ago
- C# code to run shellcode in a sneaky way☆89Updated 3 years ago
- dem sharp donuts☆185Updated 2 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆221Updated 5 years ago
- A C# port of the MinHook API hooking library☆201Updated 2 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆155Updated 5 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆193Updated 4 years ago
- Bare template for a Kernel Mode Driver☆50Updated 4 years ago
- Managed code hooking template.☆127Updated 2 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆331Updated last year
- Executing a .NET Assembly from C++ in Memory (CLR Hosting)☆184Updated 7 years ago
- Executable that mutates its own code☆368Updated last year
- Implementation of the .NET Profiler DLL hijack in C#☆98Updated 5 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆150Updated 4 years ago
- A C# DLL injection library☆208Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆213Updated 4 years ago
- Use CLR to inject all the .NET apps☆183Updated 3 years ago
- ** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + …☆214Updated last year
- Example code for EDR bypassing☆149Updated 5 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆224Updated 4 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆192Updated 5 years ago
- Injects C# EXE or DLL Assembly into every CLR runtime and AppDomain of another process.☆227Updated 5 years ago
- Packer compressing .net assemblies, (ab)using the PE format for data storage☆152Updated last year
- ☆276Updated 3 years ago