A simple POC to demonstrate the power of .NET debugging for injection
☆73Aug 11, 2020Updated 5 years ago
Alternatives and similar repositories for DotNetDebug
Users that are interested in DotNetDebug are comparing it to the libraries listed below
Sorting:
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- C# Wrapper around Chisel from https://github.com/jpillora/chisel☆160Feb 25, 2023Updated 3 years ago
- A collection of weird ways to execute unmanaged code in .NET☆173May 4, 2021Updated 4 years ago
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- ☆71Nov 20, 2020Updated 5 years ago
- Phantom DLL hollowing PoC☆370May 23, 2022Updated 3 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆347Jul 21, 2020Updated 5 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- .NET 4.0 Scheduled Job Lateral Movement☆90Aug 25, 2020Updated 5 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- Shellcode injection using debugging APIs☆19Jan 13, 2014Updated 12 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- .NET tool for enumeration processes and dumping memory.☆57Apr 4, 2019Updated 6 years ago
- Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM☆123Aug 25, 2020Updated 5 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆595Jul 26, 2021Updated 4 years ago
- .NET assembly local/remote loading/injection into memory.☆136Aug 2, 2019Updated 6 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Evasive Process Hollowing Techniques☆142Aug 16, 2020Updated 5 years ago
- Load PE via XML Attribute☆32Feb 1, 2020Updated 6 years ago
- Privilege Escalation Via RpcSs svc☆180Dec 10, 2021Updated 4 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Hide .Net assembly into png images☆36Aug 11, 2019Updated 6 years ago
- Loads .NET Assembly Via CLR Loader☆17Mar 6, 2019Updated 6 years ago
- ☆263Apr 10, 2023Updated 2 years ago
- ** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + …☆218Dec 8, 2022Updated 3 years ago
- IBM RedCON 2020 - Throwing an AquaWrench into the Kernel☆44Aug 25, 2020Updated 5 years ago
- SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 st…☆200Jan 23, 2020Updated 6 years ago
- A specialized C# memory-accessing library☆43Feb 3, 2019Updated 7 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago
- Apply a filter to the events being reported by windows event logging☆262Apr 24, 2021Updated 4 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆349Jul 3, 2022Updated 3 years ago
- .NET 4.0 WinRM API Command Execution☆166Sep 11, 2020Updated 5 years ago