A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.
☆99Mar 25, 2025Updated 11 months ago
Alternatives and similar repositories for CSharpSourceObfuscator
Users that are interested in CSharpSourceObfuscator are comparing it to the libraries listed below
Sorting:
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆81Oct 26, 2024Updated last year
- Simple reverse ICMP shell☆14Apr 30, 2024Updated last year
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆63Aug 25, 2022Updated 3 years ago
- Load a dynamic library from memory by modifying the native Windows loader☆285Jun 18, 2025Updated 8 months ago
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 7 months ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆281Sep 18, 2024Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆258Jun 29, 2024Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆568Jan 20, 2026Updated last month
- ☆164Dec 30, 2022Updated 3 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆433Dec 21, 2023Updated 2 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- malware written for educational purposes☆71Dec 31, 2025Updated 2 months ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆52May 8, 2024Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- A rust library that allows you to host the CLR and execute dotnet binaries.☆236Mar 12, 2025Updated 11 months ago
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 6 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆123Jan 17, 2026Updated last month
- PoC to self-delete a binary in C#☆35Feb 6, 2024Updated 2 years ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- A PoC .NET-specific process injection tool☆58Mar 17, 2024Updated last year
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 2 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.☆169Jan 25, 2024Updated 2 years ago
- ☆152Jan 6, 2023Updated 3 years ago
- It's pointy and it hurts!☆127Oct 18, 2022Updated 3 years ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆263Aug 31, 2025Updated 6 months ago
- ☆246Dec 16, 2022Updated 3 years ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆88Mar 2, 2025Updated 11 months ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Feb 9, 2024Updated 2 years ago