nbaertsch/AutoAppDomainHijack external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

nbaertsch/AutoAppDomainHijack

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nbaertsch/AutoAppDomainHijack)

Close

nbaertsch / AutoAppDomainHijackView on GitHubMore

• External links
• Readme badge

Automated .NET AppDomain hijack payload generation

☆129Feb 4, 2025Updated last year

Alternatives and similar repositories for AutoAppDomainHijack

Users that are interested in AutoAppDomainHijack are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• itaymigdal / PartyLoader

  View on GitHub
  Threadless shellcode injection tool
  ☆68Aug 5, 2024Updated last year
• ipSlav / DirtyCLR

  View on GitHub
  An App Domain Manager Injection DLL PoC on steroids
  ☆213Dec 14, 2023Updated 2 years ago
• REDMED-X / InjectKit

  View on GitHub
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆109Jan 24, 2024Updated 2 years ago
• mlcsec / EDRenum-BOF

  View on GitHub
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆133Oct 4, 2024Updated last year
• nbaertsch / PoolProxy

  View on GitHub
  Proxy function calls through the thread pool with ease
  ☆31Feb 27, 2025Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• bananabr / CLRInjector

  View on GitHub
  A PoC .NET-specific process injection tool
  ☆58Mar 17, 2024Updated 2 years ago
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• Teach2Breach / noldr

  View on GitHub
  Dynamically resolve API function addresses at runtime in a secure manner.
  ☆72Nov 11, 2025Updated 5 months ago
• weaselsec / ClickOnce-AppDomain-Manager-Injection

  View on GitHub
  Click Once + App Domain
  ☆67Feb 23, 2026Updated 2 months ago
• rasta-mouse / CsWhispers

  View on GitHub
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆192Mar 4, 2024Updated 2 years ago
• vxCrypt0r / AMSI_VEH

  View on GitHub
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆170May 30, 2024Updated last year
• cpu0x00 / SharpReflectivePEInjection

  View on GitHub
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆167Jan 4, 2024Updated 2 years ago
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆127Sep 1, 2024Updated last year
• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆120Jan 5, 2024Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆232Dec 3, 2025Updated 4 months ago
• safedv / RustVEHSyscalls

  View on GitHub
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆164Oct 31, 2024Updated last year
• byt3bl33d3r / NimDllSideload

  View on GitHub
  DLL sideloading/proxying with Nim!
  ☆173Dec 4, 2022Updated 3 years ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆284Sep 18, 2024Updated last year
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆174Jun 17, 2024Updated last year
• WKL-Sec / dcomhijack

  View on GitHub
  Lateral Movement Using DCOM and DLL Hijacking
  ☆325Jun 18, 2023Updated 2 years ago
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆136Dec 4, 2023Updated 2 years ago
• nbaertsch / nimvoke

  View on GitHub
  Indirect syscalls + DInvoke made simple.
  ☆96Dec 24, 2024Updated last year
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• decoder-it / KrbRelay-SMBServer

  View on GitHub
  ☆235Oct 8, 2024Updated last year
• OffenseTeacher / NimRekey

  View on GitHub
  ☆39May 20, 2023Updated 2 years ago
• nbaertsch / Shrike

  View on GitHub
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆61Dec 11, 2024Updated last year
• d4rkiZ / EmbedExeLnk-

  View on GitHub
  EmbedExeLnk by x86matthew modified by d4rkiZ
  ☆45Apr 27, 2023Updated 3 years ago
• senzee1984 / InflativeLoading

  View on GitHub
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆328Apr 12, 2024Updated 2 years ago
• 0xsp-SRD / MDE_Enum

  View on GitHub
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆210Jun 10, 2024Updated last year
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆227Nov 23, 2023Updated 2 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆379Apr 19, 2023Updated 3 years ago
• eladshamir / BadWindowsService

  View on GitHub
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆68Aug 25, 2022Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• xpn / CloudInject

  View on GitHub
  ☆122Nov 21, 2024Updated last year
• d419h / IconJector

  View on GitHub
  Inject DLLs into the explorer process using icons
  ☆408May 18, 2025Updated 11 months ago
• jfjallid / go-secdump

  View on GitHub
  Tool to remotely dump secrets from the Windows registry
  ☆527Feb 27, 2026Updated 2 months ago
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆250Jun 11, 2024Updated last year
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆236Feb 12, 2025Updated last year
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆406Mar 28, 2024Updated 2 years ago
• CICADA8-Research / IHxExec

  View on GitHub
  Process injection alternative
  ☆407Sep 6, 2024Updated last year