Modify managed functions from unmanaged code
☆53Feb 1, 2024Updated 2 years ago
Alternatives and similar repositories for unmanaged-dotnet-patch
Users that are interested in unmanaged-dotnet-patch are comparing it to the libraries listed below
Sorting:
- ☆60Dec 15, 2023Updated 2 years ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- ☆101Oct 7, 2023Updated 2 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆203Dec 27, 2023Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆111Apr 14, 2023Updated 2 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆35Feb 2, 2026Updated 3 weeks ago
- ☆245Sep 19, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 2 months ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53May 21, 2020Updated 5 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆122May 29, 2024Updated last year
- ☆164Dec 30, 2022Updated 3 years ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- ☆109Feb 17, 2025Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- Implementation of Indirect Syscall technique to pop a calc.exe☆113Jan 25, 2024Updated 2 years ago
- ☆129Jun 28, 2023Updated 2 years ago
- A bunch of scripts and code i wrote.☆149Nov 7, 2024Updated last year
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- ☆83Nov 1, 2023Updated 2 years ago
- Execute shellcode files with rundll32☆216Jan 28, 2024Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago