Stars
Covenant is a collaborative .NET C2 framework for red teamers.
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Deserialization payload generator for a variety of .NET formatters
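超级弱口令检查工具 (Super Weak Password Checker) is a weak-password auditing tool for Windows. It supports batch, multi-threaded checking and can quickly find weak passwords and accounts with weak credentials. Passwords can be checked in combination with usernames, which greatly improves the success rate, and custom service ports and dictionaries are supported.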
Open source obfuscation tool for .NET assemblies
PingCastle - Get Active Directory Security at 80% in 20% of the time
Identifies the bytes that Microsoft Defender flags on.
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
Run PowerShell with rundll32. Bypass software restrictions.
SharpSploit is a .NET post-exploitation library written in C#
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
SharpUp is a C# port of various PowerUp functionality.
A tool to create a JScript file which loads a .NET v2 assembly from memory.
SafetyKatz is a combination of a slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
A method of bypassing EDR's active projection DLLs by preventing entry point execution
This program is designed to demonstrate various process injection techniques
SigFlip is a tool for patching Authenticode-signed PE files (exe, dll, sys, etc.) without invalidating or breaking the existing signature.
RunasCs - Csharp and open version of windows builtin runas.exe
PowerShell rebuilt in C# for Red Teaming purposes
.NET DllExport with .NET Core support (aka 3F/DllExport aka DllExport.bat)
Scan files or process memory for CobaltStrike beacons and parse their configuration