werdhaihai / SharpAltShellCodeExec
Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
☆74Updated last year
Related projects: ⓘ
- Modified versions of the Cobalt Strike Process Injection Kit☆85Updated 7 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆76Updated last year
- ☆116Updated last year
- ☆73Updated 10 months ago
- ☆76Updated last year
- ☆132Updated last year
- ☆65Updated this week
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆57Updated 8 months ago
- ☆143Updated last year
- A simple BOF that frees UDRLs☆106Updated 2 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 8 months ago
- ☆92Updated last year
- C# havoc implant☆90Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆110Updated last year
- Lateral Movement via the .NET Profiler☆74Updated 3 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆147Updated 10 months ago
- ☆79Updated 2 weeks ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆143Updated last year
- Secretsdump C# version only supporting local (live) operation☆47Updated last year
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆12Updated 2 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆114Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆47Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆66Updated last year
- Simple BOF to read the protection level of a process☆101Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆93Updated last year
- Library of BOFs to interact with SQL servers☆143Updated 3 months ago
- ProcExp Driver (Ab)use☆20Updated last year
- ☆99Updated this week
- A collection of (even more) alternative shellcode callback methods in CSharp☆64Updated 7 months ago
- ☆105Updated last year