Uncategorized
- jojonas/SharpSAMDump - SAM Dumping in C#
- wwh1004/MetadataLocator - Locate the address of .NET metadata by CLR to anti anti dump - 有个ConfuserEx对抗例子
- KirillOsenkov/MetadataTools - Various tools and helpers to read assembly metadata
- lowleveldesign/dotnet-netrace - Collects network traces of .NET applications
- enkomio/shed - .NET runtine inspector - 还支持 SetWindowHooks 注入,可以注入managed和unmanaged程序,注入在DLL里实现的
- williballenthin/python-dotnet-binaryformat - Pure Python parser for data encoded by .NET's BinaryFormatter
- jbevain/cecil - Cecil is a library to inspect, modify and generate .NET programs and libraries
- chrisnas/DebuggingExtensions - Host of debugging-related extensions such as post-mortem tools or WinDBG extensions
Memory tools
- bananabr/CLRInjector - A PoC .NET-specific process injection tool
- daddycocoaman/turdshovel - Dump objects from .NET dumps
- bohops/RogueAssemblyHunter - Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes - 可以从注入的程序里提取.NET assembly,且不会受到ETW hook的影响
COM
ILSpy plugins