A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

Also known by Microsoft as Knifecoat 🌶️

StandIn is a small .NET35/45 AD post-exploitation toolkit

.NET Project for Attacking vCenter

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain

LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript

A C# port of the MinHook API hooking library

.NET 4.0 Console App to browse VMDK / VHD images and extract files

This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace.

C# version of Powermad

PoC for UUID shellcode execution using DInvoke

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)

Resolve syscall numbers at runtime for all Windows versions.