guibacellar / DNCI
DNCI - Dot Net Code Injector
☆148Updated 4 years ago
Alternatives and similar repositories for DNCI:
Users that are interested in DNCI are comparing it to the libraries listed below
- Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…☆91Updated 5 years ago
- A set of scripts that demonstrate how to perform memory injection in C#☆312Updated 7 years ago
- A manual system call library that supports functions from both ntdll.dll and win32u.dll☆109Updated 2 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆156Updated 5 years ago
- C# code to run shellcode in a sneaky way☆90Updated 4 years ago
- .NET assembly local/remote loading/injection into memory.☆132Updated 5 years ago
- dem sharp donuts☆193Updated 2 years ago
- Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI☆233Updated last year
- ☆279Updated 4 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆227Updated 5 years ago
- Bare template for a Kernel Mode Driver☆51Updated 5 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆327Updated last year
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆83Updated 5 years ago
- Simple PoC demonstrating syscall execution in C#☆154Updated 4 years ago
- Injects C# EXE or DLL Assembly into every CLR runtime and AppDomain of another process.☆230Updated 6 years ago
- Executable that mutates its own code☆376Updated 4 months ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆202Updated 4 years ago
- Managed assembly shellcode generation☆266Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆216Updated 5 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆149Updated 4 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Updated 6 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 4 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆187Updated 5 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- ** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + …☆214Updated 2 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- Use CLR to inject all the .NET apps☆185Updated 4 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆193Updated 5 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Executing a .NET Assembly from C++ in Memory (CLR Hosting)☆192Updated 8 years ago