A collection of (even more) alternative shellcode callback methods in CSharp
☆81Oct 26, 2024Updated last year
Alternatives and similar repositories for CSharp-Alt-Shellcode-Callbacks
Users that are interested in CSharp-Alt-Shellcode-Callbacks are comparing it to the libraries listed below
Sorting:
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆100Mar 25, 2025Updated 11 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆131Jan 14, 2023Updated 3 years ago
- Encode shellcode into dictionary words for evasion and entropy reduction☆40Dec 12, 2025Updated 3 months ago
- Custom Python shellcode encryptor and obfuscator☆14Jul 31, 2025Updated 7 months ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆136Dec 20, 2022Updated 3 years ago
- COFF file (BOF) for managing Kerberos tickets.☆320Jul 2, 2023Updated 2 years ago
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 4 months ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Ansible Cobalt Strike (Docker)☆15Jan 8, 2022Updated 4 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆45Apr 27, 2023Updated 2 years ago
- ☆57Apr 19, 2023Updated 2 years ago
- ☆39Oct 12, 2022Updated 3 years ago
- A string obfuscator for .NET apps, built to evade static string analysis.☆109Jan 3, 2023Updated 3 years ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- C# havoc implant☆100Feb 12, 2023Updated 3 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆52May 8, 2024Updated last year
- load dumped csharp binaries as assemblies and launch them in memory☆28Feb 9, 2024Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆680Aug 15, 2025Updated 7 months ago
- Sleep Obfuscation☆45Oct 13, 2022Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- Repository to gather the .NET malware I will be developing☆18Mar 7, 2026Updated last week
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- It stinks☆103Apr 22, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago