ricardojoserf / SharpNado

Related projects ⓘ

Alternatives and complementary repositories for SharpNado

• michaelweber / CSharpSourceObfuscator
  A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.
  ☆69Updated 4 years ago
• rasta-mouse / CsWhispers
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆168Updated 8 months ago
• SECFORCE / SharpWhispers
  C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
  ☆101Updated last year
• sexyiam / UAC-Bypass
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆44Updated 6 months ago
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆160Updated last year
• securifybv / BOFRyptor
  ☆118Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆54Updated 3 months ago
• OtterHacker / SetProcessInjection
  ☆142Updated last year
• wsummerhill / DictionShellcode
  Encode shellcode into dictionary words for evasion and entropy reduction
  ☆19Updated last week
• passthehashbrowns / BOFMask
  ☆108Updated last year
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated last month
• Hagrid29 / RemotePatcher
  Patch AMSI and ETW in remote process via direct syscall
  ☆77Updated 2 years ago
• deh00ni / NtDumpBOF
  ☆88Updated 2 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆81Updated 4 months ago
• passthehashbrowns / VectoredExceptionHandling
  ☆81Updated 2 months ago
• Teach2Breach / early_cascade_inj_rs
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆42Updated this week
• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆77Updated last year
• ricardojoserf / SharpSelfDelete
  PoC to self-delete a binary in C#
  ☆25Updated 9 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆90Updated last year
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆148Updated 10 months ago
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆51Updated last year
• Octoberfest7 / enumhandles_BOF
  ☆116Updated 2 months ago
• trustedsec / CS_COFFLoader
  ☆121Updated 11 months ago
• wsummerhill / CSharp-Alt-Shellcode-Callbacks
  A collection of (even more) alternative shellcode callback methods in CSharp
  ☆66Updated 2 weeks ago
• bohops / DynamicDotNet
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆134Updated 5 months ago
• rasta-mouse / DInvoke
  Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
  ☆145Updated 9 months ago
• rasta-mouse / PacketAlchemy
  Playing with packets in C#
  ☆14Updated 2 months ago
• decoder-it / RelabelAbuse
  ☆59Updated 5 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆84Updated 8 months ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆74Updated 5 months ago