NotoriousRebel
Follow
Stars
Covenant is a collaborative .NET C2 framework for red teamers.
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Cecil is a library to inspect, modify and create .NET programs and libraries.
Identifies the bytes that Microsoft Defender flags on.
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
SharpSploit is a .NET post-exploitation library written in C#
Directory Services Internals (DSInternals) PowerShell Module and Framework
Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
PowerShell Runspace Post Exploitation Toolkit
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
Writing custom backdoor payloads with C# - Defcon 27 Workshop
Also known by Microsoft as Knifecoat 🌶️
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
XenocodeRCE / neo-ConfuserEx
Forked from yck1509/ConfuserExUpdated ConfuserEX, an open-source, free obfuscator for .NET applications
StandIn is a small .NET35/45 AD post-exploitation toolkit