ricardojoserf / SharpNado
Repository to gather the .NET malware I will be developing
☆11 · Updated last month
Related projects
Alternatives and complementary repositories for SharpNado
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library. ☆70 · Updated 4 years ago
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge … ☆166 · Updated last year
- Early cascade injection PoC based on Outflank's blog post, in Rust ☆48 · Updated 2 weeks ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project. ☆170 · Updated 8 months ago
- C# port of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub. ☆101 · Updated last year
- ☆122 · Updated 11 months ago
- ☆108 · Updated last year
- Collect Windows telemetry for Maldev ☆62 · Updated this week
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft ☆135 · Updated 6 months ago
- Encode shellcode into dictionary words for evasion and entropy reduction ☆19 · Updated 2 weeks ago
- ☆118 · Updated last year
- Tool for playing with Windows Access Token manipulation. ☆52 · Updated last year
- Just another ntdll unhooking using Parun's Fart technique ☆72 · Updated last year
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now. ☆44 · Updated 6 months ago
- ☆81 · Updated 3 months ago
- Lateral Movement via the .NET Profiler ☆76 · Updated this week
- Halo's Gate-based NTAPI Unhooker ☆49 · Updated 2 years ago
- ☆142 · Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆55 · Updated 3 months ago
- A C# implementation of dumping credentials from Windows Credential Manager ☆56 · Updated last year
- Malware? ☆70 · Updated last month
- Reimplementation of the KExecDD DSE bypass technique. ☆42 · Updated 2 months ago
- ☆116 · Updated 2 months ago
- Patch AMSI and ETW in remote process via direct syscall ☆77 · Updated 2 years ago
- ☆27 · Updated 3 months ago
- An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls ☆104 · Updated 2 months ago
- Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke. ☆145 · Updated 10 months ago
- ☆37 · Updated 2 years ago
- Threadless shellcode injection tool ☆61 · Updated 3 months ago