sunsided / native-dotnet-code-injection
Injection of managed code into non-managed Windows applications
☆28Updated 6 years ago
Alternatives and similar repositories for native-dotnet-code-injection:
Users that are interested in native-dotnet-code-injection are comparing it to the libraries listed below
- ☆26Updated 6 years ago
- Spoof parent process ID☆13Updated 6 years ago
- A .NET tool that uses AppDomain's to enable dynamic execution and escape detection.☆29Updated 5 years ago
- Windows Process Injection Toolkit - plain and simple :)☆26Updated 6 years ago
- A simple, minimal C# windows service implementation that can be used to demonstrate privilege escalation from misconfigured windows servi…☆16Updated 9 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆15Updated 4 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation☆25Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 5 years ago
- C# code to run PIC using CreateThread☆17Updated 6 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Updated 6 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 3 years ago
- Files for generating a C# source file that allows for memory-mapping "niceness" and then executing said "niceness"☆31Updated 6 years ago
- Quick Proof of Concept for reading a processes memory and searching for a specific string.☆10Updated 6 years ago
- PoC code from blog☆16Updated 5 years ago
- Simple shellcode injector.☆14Updated 6 years ago
- Different code-injections techniques under a common tool☆30Updated 4 years ago
- Loading and executing shellcode in C# without PInvoke.☆20Updated 3 years ago
- ☆10Updated 7 years ago
- Inject .Net payloads into other .Net assemblies on disk☆61Updated 5 years ago
- Run Managed Assemblies with RunDll☆17Updated 6 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆59Updated 6 years ago
- medium-rare☆28Updated 5 years ago
- An example pattern in C# for using WMI to monitor process creation and termination events.☆52Updated 6 years ago
- Ransoblin (Ransomware Bokoblin)☆18Updated 4 years ago
- ☆28Updated 7 years ago
- Python script to patch the reflective stub in a DLL☆24Updated 8 years ago
- The evolution of NxRansomware☆10Updated 5 years ago
- Simple DLL injector written in C#☆24Updated 9 years ago
- Automate AV evasion by calling AMSI☆88Updated last year
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 4 years ago