Alternatives and similar repositories for NET-Assembly-Inject-Remote

Users that are interested in NET-Assembly-Inject-Remote are comparing it to the libraries listed below

• badBounty / directInjectorPOC
  Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.
  ☆84Updated 5 years ago
• outflanknl / TamperETW
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆189Updated 5 years ago
• jhalon / SharpCall
  Simple PoC demonstrating syscall execution in C#
  ☆153Updated 5 years ago
• xpn / NautilusProject
  A collection of weird ways to execute unmanaged code in .NET
  ☆173Updated 4 years ago
• med0x2e / NoAmci
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆217Updated 5 years ago
• Signal-Labs / NtdllUnpatcher
  Example code for EDR bypassing
  ☆150Updated 6 years ago
• n1xbyte / donutCS
  dem sharp donuts
  ☆200Updated 2 years ago
• am0nsec / SharpHellsGate
  C# Implementation of the Hell's Gate VX Technique
  ☆215Updated 5 years ago
• FuzzySecurity / Dendrobate
  Managed code hooking template.
  ☆132Updated 3 years ago
• TheWover / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆161Updated 5 years ago
• bats3c / DefensiveInjector
  Shellcode injector using direct syscalls
  ☆120Updated 4 years ago
• asaurusrex / DoppelGate
  DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla…
  ☆121Updated 3 years ago
• NVISOsecurity / DInvisibleRegistry
  DInvisibleRegistry
  ☆82Updated 4 years ago
• MartinIngesen / TokenStomp
  C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
  ☆145Updated 3 years ago
• mez-0 / InMemoryNET
  Exploring in-memory execution of .NET
  ☆139Updated 3 years ago
• S3cur3Th1sSh1t / SyscallAmsiScanBufferBypass
  AmsiScanBufferBypass using D/Invoke
  ☆135Updated 4 years ago
• DamonMohammadbagher / NativePayload_CBT
  NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)
  ☆118Updated 2 years ago
• mez-0 / CSharpWinRM
  .NET 4.0 WinRM API Command Execution
  ☆163Updated 4 years ago
• p3nt4 / RunDLL.Net
  Execute .Net assemblies using Rundll32.exe
  ☆113Updated 4 years ago
• Imanfeng / Telemetry
  ABUSING WINDOWS TELEMETRY FOR PERSISTENCE
  ☆140Updated 5 years ago
• py7hagoras / GetSystem
  This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of alm…
  ☆109Updated 2 years ago
• frkngksl / Celeborn
  Userland API Unhooker Project
  ☆109Updated 4 years ago
• plackyhacker / SandboxDefender
  C# code to Sandbox Defender (and most probably other AV/EDRs).
  ☆166Updated 3 years ago
• rxwx / cs-rdll-ipc-example
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆119Updated 5 years ago
• mdsecactivebreach / firewalker
  ☆151Updated 4 years ago
• cube0x0 / ParallelSyscalls
  C# version of MDSec's ParallelSyscalls
  ☆141Updated 3 years ago
• aaaddress1 / sakeInject
  Windows PE - TLS (Thread Local Storage) Injector in C/C++
  ☆106Updated 4 years ago
• xpn / DotNetDebug
  A simple POC to demonstrate the power of .NET debugging for injection
  ☆72Updated 4 years ago
• mez-0 / winrmdll
  C++ WinRM API via Reflective DLL
  ☆146Updated 3 years ago
• asaurusrex / Probatorum-EDR-Userland-Hook-Checker
  Project to check which Nt/Zw functions your local EDR is hooking
  ☆195Updated 4 years ago