This is your work, valued
CSExec. An implementation of PSExec in C#
336ManagedInjection. A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge
164NamedPipes. A pattern for client/server communication via Named Pipes via C#
98UnstoppableService. A pattern for a self-installing Windows service in C# with the unstoppable attributes in C#.
66WMIProcessWatcher. An example pattern in C# for using WMI to monitor process creation and termination events.
52DnsCache. C++
46AntiDebug. PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.
32WcfScan. A tool for scanning NET.TCP WCF endpoints to test the security of their binding configurations.
31ActiveDirectoryServices. A more full featured C# API for connecting to and managing Active Directory (AD) and Lightweight Directory (AD-LDS) instances, complete with consumer application examples.
25WidgetSender. Intentionally Vulnerable Demo App: .NET MVC, WCF, WebAPI, Web Forms
22ChromePasswords. C
19WhoDis. An example pattern in C# for watching security events (logon/logoff/privilege)
17SneakyService. A simple, minimal C# windows service implementation that can be used to demonstrate privilege escalation from misconfigured windows services.
16BlueScreenOnExit. PoC of a protected process causing a blue screen if killed.
15RunAs. An example in C# for programmatically calling UAC to escalate to admin
14CertCheck. Programmatically access a TLS certificate chain in C++ and C#
12TLAD. The Totally Legit Authentication Dialog
12DieHard. PoC: process watcher patterns to make killing a process hard.
11ProtectProcessFromJoeUser. PoC: Protecting Joe User from killing his own process.
9kata. A collection of breach and post-exploitation kata for the red teamer to constantly train to maintain proficiency.
8LuhnForce. A C# tool for brute forcing Credit Card numbers with valid Luhn checks.
7HeapSurf. A credit card memory scraper written in C#
5Trojan-RetailDiagnostics. C#
5BurpHmac. An HMAC authentication header plugin for Burp Proxy, written in Python.
4PlanetExpressStockTracker. A silly little example how to trojan a C# windows app, as demonstrated at the southwest region CCDC competition.
4readline. A Pure C# GNU-Readline like library for .NET/.NET Core
3SpoofParentProcess. C++
3taskkill. C++
2netstat. C++
2WindowsSessions. C++
2CAPE. Malware Configuration And Payload Extraction
2Internal-Monologue. Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
2SharpInvoke-SMBExec. SMBExec C# module
1dns. A DNS library written in C#
1screenshot. C++
1OpenAutoruns. :shield: An open-source Windows autoruns viewer, as a course project (SJTU-IS405).
1jarm. Python
1HappySad. Sometimes you just need a Happy EXE and a Sad EXE
1SunburstStrings. C#
1