.NET debugger and assembly editor

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.

.NET deobfuscator and unpacker.

Covenant is a collaborative .NET C2 framework for red teamers.

Trying to tame the three-headed dog.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Deserialization payload generator for a variety of .NET formatters

Network Analysis Tool

An open-source, free protector for .NET applications

Identifies the bytes that Microsoft Defender flags on.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Set of tools to analyze Windows sandboxes for exposed attack surface.

Run PowerShell with rundll32. Bypass software restrictions.

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

PowerShell Runspace Post Exploitation Toolkit

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

Collection of Offensive C# Tooling

A tool to create a JScript file which loads a .NET v2 assembly from memory.

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

The Hunt for Malicious Strings

A method of bypassing EDR's active projection DLL's by preventing entry point exection

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

A tool to elevate privilege with Windows Tokens

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

.NET DllExport with .NET Core support (aka 3F/DllExport aka DllExport.bat)

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

PowerShell rebuilt in C# for Red Teaming purposes