Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

A method of bypassing EDR's active projection DLL's by preventing entry point exection

Collection of Offensive C# Tooling

Read the blog post here: https://iwantmore.pizza/posts/PEzor.html

A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2

D/Invoke port of UrbanBishop

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object

Shikata ga nai (仕方がない) encoder ported into go with several improvements

Loads any C# binary in mem, patching AMSI and bypassing Windows Defender

SharpSploit is a .NET post-exploitation library written in C#

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

My musings with C#

Windows - Weaponizing privileged file writes with the Update Session Orchestrator service

A simple proof of concept for detecting use of Cobalt Strike's execute-assembly

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

Windows AV Evasion

Evade sysmon and windows event logging

C# remote process injection utility for Cobalt Strike

Toolbox containing research notes & PoC code for weaponizing .NET's DLR

SharpGen is a .NET Core console application that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framework console applications or libraries.