NET

InlineExecute-Assembly – A PoC Beacon Object File (BOF) That Allows Security Professionals To Perform In Process .NET Assembly Execution

20 Sep 2021 By

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module. InlineExecute-Assembly will execute any assembly with the entry point of Main(string[] args) or Main(). This should allow you to run most releasedRead More

LoGiC.NET – A More Advanced Free And Open .NET Obfuscator Using Dnlib

28 Jul 2021 By

LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example. Before obfuscation After obfuscation Dependencies dnlib v3.3.2 : Restore NuGet packages and it’ll work (if it doesn’t already). SharpConfigParser : https://github.com/AnErrupTion/LoGiC.NET/raw/master/SharpConfigParser.dll Current Features Renames methods, parameters, properties,Read More

SharpSphere – .NET Project For Attacking vCenter

04 Mar 2021 By

SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter. It uses the vSphere Web Services API and exposes the following functions: Command & Control – In combination with F-Secure’s C3, SharpSphere provides C&C into VMs using VMware Tools, with no direct network connectivity toRead More

ExecuteAssembly – Load/Inject .NET Assemblies

07 Feb 2021 By

ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIsRead More

NashaVM – A Virtual Machine For .NET Files And Its Runtime Was Made In C++/CLI

10 Oct 2020 By

Nasha is a Virtual Machine for .NET files and its runtime was made in C++/CLI Installation git clone https://github.com/Mrakovic-ORG/NashaVM –recursecd NashaVMNashaVMnuget restoremsbuild Limitations Slow Several instructions are not implemented Can bug Dependencies dnlib .NET Framework 4.0 Visual C++ Redistrutable Known issues Incompatible with Linux based OS FAQ What is this project for? This project isRead More

SharpSecDump – .Net Port Of The Remote SAM + LSA Secrets Dumping Functionality Of Impacket’S Secretsdump.Py

27 Sep 2020 By

.Net port of the remote SAM + LSA Secrets dumping functionality of impacket’s secretsdump.py. By default runs in the context of the current user. Please only use in environments you own or have permission to test against 🙂 Usage SharpSecDump.exe -target=192.168.1.15 -u=admin -p=Password123 -d=test.local Required Flags -target – Comma seperated list of IP’s / hostnamesRead More

SharpChromium – .NET 4.0 CLR Project To Retrieve Chromium Data, Such As Cookies, History And Saved Logins

12 Aug 2020 By

SharpChromium is a .NET 4.0+ CLR project to retrieve data from Google Chrome, Microsoft Edge, and Microsoft Edge Beta. Currently, it can extract: Cookies (in JSON format) History (with associated cookies for each history item) Saved Logins Note: All cookies returned are in JSON format. If you have the extension Cookie Editor installed, you canRead More

SharpRDP – Remote Desktop Protocol .NET Console Application For Authenticated Command Execution

07 Mar 2020 By

To compile open the project in Visual Studio and build for release. Two DLLs will be output to the Release directory, you do not need those because the DLLs are in the assembly. If you do not want to use the provided DLLs you will need to .NET SDK to create the AxMSTSCLib.dll DLL. ToRead More

X