tothi/SharpStay external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tothi/SharpStay

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tothi/SharpStay)

Close

tothi / SharpStayView on GitHubMore

• External links
• Readme badge

.NET project for installing Persistence

☆63Feb 14, 2022Updated 4 years ago

Alternatives and similar repositories for SharpStay

Users that are interested in SharpStay are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Allevon412 / PPL_Sandboxer

  View on GitHub
  ☆82Feb 12, 2022Updated 4 years ago
• dosxuz / ProcessGhosting

  View on GitHub
  Small POC for process ghosting
  ☆40Feb 1, 2022Updated 4 years ago
• Allevon412 / ClassicAPIUnhooking

  View on GitHub
  ☆16Nov 23, 2021Updated 4 years ago
• Sh0ckFR / InlineWhispers2

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆186Jul 21, 2022Updated 3 years ago
• Wra7h / SharpGhosting

  View on GitHub
  Process Ghosting in C#
  ☆220Jan 24, 2022Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• FalconForceTeam / SysWhispers2BOF

  View on GitHub
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆125May 24, 2022Updated 3 years ago
• klezVirus / CandyPotato

  View on GitHub
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆314Sep 16, 2021Updated 4 years ago
• whydee86 / SnD_AMSI

  View on GitHub
  Start new PowerShell without etw and amsi in pure nim
  ☆157Feb 14, 2022Updated 4 years ago
• improsec / CaddyStager

  View on GitHub
  ☆40May 21, 2022Updated 3 years ago
• xforcered / InvisibilityCloak

  View on GitHub
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆430Jul 22, 2022Updated 3 years ago
• GetRektBoy724 / SharpLoadLibrary

  View on GitHub
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆55Mar 3, 2022Updated 4 years ago
• mez-0 / winrmdll

  View on GitHub
  C++ WinRM API via Reflective DLL
  ☆145Sep 11, 2021Updated 4 years ago
• Allevon412 / TeamsImplant

  View on GitHub
  ☆209Feb 24, 2022Updated 4 years ago
• S3cur3Th1sSh1t / SharpImpersonation

  View on GitHub
  A User Impersonation tool - via Token or Shellcode injection
  ☆424May 21, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• JamesCooteUK / BOFs

  View on GitHub
  Collection of BOFs for Cobalt Strike
  ☆32Mar 28, 2023Updated 3 years ago
• EncodeGroup / UAC-SilentClean

  View on GitHub
  New UAC bypass for Silent Cleanup for CobaltStrike
  ☆192Jul 14, 2021Updated 4 years ago
• Sh0ckFR / DLLirant

  View on GitHub
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆322Sep 23, 2022Updated 3 years ago
• py7hagoras / GetSystem

  View on GitHub
  This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of alm…
  ☆107Feb 14, 2023Updated 3 years ago
• cube0x0 / ParallelSyscalls

  View on GitHub
  C# version of MDSec's ParallelSyscalls
  ☆144Jan 9, 2022Updated 4 years ago
• m3rcer / Chisel-Strike

  View on GitHub
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆462Mar 25, 2024Updated 2 years ago
• Flangvik / CobaltBus

  View on GitHub
  Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
  ☆248Feb 23, 2022Updated 4 years ago
• klezVirus / NimlineWhispers3

  View on GitHub
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆148Jun 2, 2022Updated 3 years ago
• alfarom256 / StinkyLoader

  View on GitHub
  It stinks
  ☆103Apr 22, 2022Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• KaLendsi / CVE-2022-21882

  View on GitHub
  win32k LPE
  ☆463Jan 27, 2022Updated 4 years ago
• GetRektBoy724 / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker
  ☆410Feb 18, 2022Updated 4 years ago
• Wra7h / ARCInject

  View on GitHub
  Overwrite a process's recovery callback and execute with WER
  ☆102Apr 17, 2022Updated 4 years ago
• EspressoCake / BeaconDownloadSync

  View on GitHub
  ☆94May 14, 2022Updated 4 years ago
• pkb1s / SharpRelay

  View on GitHub
  ☆182Feb 3, 2021Updated 5 years ago
• mpgn / BackupOperatorToDA

  View on GitHub
  From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
  ☆443Jan 4, 2025Updated last year
• rad9800 / WTSRM

  View on GitHub
  WTSRM
  ☆216Aug 7, 2022Updated 3 years ago
• 0xthirteen / SharpStay

  View on GitHub
  .NET project for installing Persistence
  ☆498Jun 26, 2024Updated last year
• sailay1996 / CdpSvcLPE

  View on GitHub
  Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
  ☆254Sep 15, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• boku7 / injectAmsiBypass

  View on GitHub
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆382Mar 8, 2023Updated 3 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆507Jan 19, 2022Updated 4 years ago
• EspressoCake / Self_Deletion_BOF

  View on GitHub
  BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
  ☆186Oct 3, 2021Updated 4 years ago
• jbaines-r7 / blankspace

  View on GitHub
  Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)
  ☆64Feb 14, 2022Updated 4 years ago
• ajpc500 / BOFs

  View on GitHub
  Collection of Beacon Object Files
  ☆640Nov 1, 2022Updated 3 years ago
• djhohnstein / HookDetector

  View on GitHub
  Playing with PE's and Building Structures by Hand
  ☆22Apr 21, 2022Updated 4 years ago
• NUL0x4C / KnownDllUnhook

  View on GitHub
  Replace the .txt section of the current loaded modules from \KnownDlls\
  ☆306Sep 28, 2022Updated 3 years ago