usdAG / SharpLink
Create file system symbolic links from low privileged user accounts within PowerShell
☆92Updated 2 years ago
Alternatives and similar repositories for SharpLink:
Users that are interested in SharpLink are comparing it to the libraries listed below
- A fake AMSI Provider which can be used for persistence.☆147Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆139Updated 9 months ago
- ☆142Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆91Updated 3 years ago
- Managed code hooking template.☆130Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆103Updated last year
- An example of using Syscalls in C# to get a meterpreter shell.☆108Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆122Updated 2 years ago
- D/Invoke implementation in Nim☆100Updated 2 years ago
- Find .net assemblies locally☆105Updated 2 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆70Updated 4 years ago
- ☆37Updated 2 years ago
- Execute PowerShell code at the antimalware-light protection level.☆139Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆111Updated last year
- D/Invoke port of UrbanBishop☆106Updated 4 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆83Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- ☆56Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆102Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆65Updated 8 months ago
- Experiment on reproducing Obfuscate & Sleep☆141Updated 3 years ago
- It's pointy and it hurts!☆123Updated 2 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆62Updated 5 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆132Updated 5 months ago
- Simple APPLocker bypass summary☆40Updated 6 years ago
- Offensive tool for fileless lateral movement on Windows networks☆25Updated 10 months ago
- Implant drop-in for EDR testing☆135Updated last year
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆52Updated 4 years ago