• Stars
    star
    2
  • Language
    C#
  • Created over 2 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

BasicEventViewer (BEV v3.0), this code will useful for All Blue Teamers.

More Repositories

1

eBook-BypassingAVsByCSharp

eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
458
star
2

ETWProcessMon2

ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
C#
291
star
3

NativePayload_DNS

C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses
C#
265
star
4

NativePayloads

All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
C#
222
star
5

NativePayload_Reverse_tcp

Meterpreter Encrypted Payload by C#
C#
160
star
6

Meterpreter_Payload_Detection

Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
C#
159
star
7

NativePayload_CBT

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)
C#
114
star
8

NativePayload_ReverseShell

This is Simple C# Source code to Bypass almost "all" AVS, (kaspersky v19, Eset v12 v13 ,Trend-Micro v16, Comodo & Windows Defender Bypassed via this method Very Simple)
C#
109
star
9

Some_Pentesters_SecurityResearchers_RedTeamers

Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...
103
star
10

NativePayload_Image

Transferring Backdoor Payloads with BMP Image Pixels
Shell
79
star
11

NativePayload_PE1

NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]
C#
57
star
12

NativePayload_BSSID

Transferring Backdoor Payload by BSSID and Wireless traffic
Shell
55
star
13

NativePayload_DNS2

C# code for Transferring Backdoor Payloads by DNS Traffic (A - PTR Records) and Bypassing Anti-viruses
C#
45
star
14

NativePayload_ARP

C# code for Transferring Backdoor Payloads by ARP Traffic and Bypassing Anti-viruses (Slow)
C#
43
star
15

Videos-BypassingAVsByCSharp

Video files for eBook: "Bypassing AVs by C#.NET Programming"
41
star
16

ETWNetMonv3

ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
C#
38
star
17

NativePayload_IP6DNS

C# code for Transferring Backdoor Payloads by IPv6 Address (AAAA) records and DNS Traffic also Bypassing Anti-viruses
C#
31
star
18

NativePayload_ICMP

C# code for Transferring Backdoor Payloads by ICMPv4 Traffic and bypassing Anti-Viruses
C#
29
star
19

FakeFileMaker

Social Engineering: Simple way to make a fake file for Backdoors
C#
24
star
20

BEV4

BasicEventViewer4 (BEV v4.0), this code will useful for All Blue/Purple Teams , RealTime Monitoring Sysmon Events , Mitre Attack Detections via yaml files
C#
16
star
21

NativePayload_HTTP

Data Exfiltration via HTTP Traffic (C# and Shell Script)
Shell
16
star
22

NativePayload_ARP2

Simple Script "NativePayload_ARP2.sh" for Sending DATA via ARP Bcast Traffic to all systems in (LAN) by "Vid" tag
Shell
13
star
23

NativePayload_Tinjection

Remote Thread Injection by C# + Delegate Techniques
C#
12
star
24

NativePayload_TiACBT

NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)
C#
12
star
25

NativePayload_DIM

NativePayload_DIM Dynamic native dll Injection in Memory , Injecting Native DLL bytes to local Process
C#
11
star
26

NativePayload_DCP

Compiling Csharp in-memory and Execute to bypass AVs
C#
11
star
27

Exfiltration-and-Uploading-DATA-by-DNS-Traffic-AAAA-Records-

Pdf File : Exfiltration and Uploading DATA by DNS Traffic (AAAA Records)
10
star
28

RedbudTree

DNS IPv6 Request Listener (UDP Port 53) for Detecting Exfiltration DATA via IPv6 DNS AAAA Record Requests
C#
9
star
29

eBook_Bypassing-Antiviruses-by-C-Programming-v2.0

bypassing Anti-viruses by csharp programming v2.0
9
star
30

NativePayload_LocalCreateThread7

Chunking CobaltStrike Payloads + Jump Method
C#
9
star
31

FSWatch

File System Watcher via C# (Monitoring File Activity , Create/Delete/Change/Rename events + some Activity like Size/Attribute/Security Changes & LastAccess, LastWrite etc...)
C#
8
star
32

damonmohammadbagher.github.io

HTML
8
star
33

NativePayload_CTX

NativePayload_CTX Create Thread via _beginthreadex function in msvcrt.dll
C#
8
star
34

TCPMon

TCPMon v3.1 or (4.0) was a very old Code which made by me in C# for Monitoring TCP Connection via Native APIs (was fun in that time ;D)
C#
7
star
35

Payload-hiding-Method-via-Infecting-Target-Process-Memory

HTML
7
star
36

NativePayload_TId

Remote Thread Injection by C# Delegate
C#
7
star
37

NativePayload_CDynApp3

Loading Csharp C2 Client-side codes in RAM by Very Simple New Technique to avoid Detection
C#
7
star
38

NativePayload_RefPtr1

NativePayload_RefPtr1 Indirect call csharp method in memory [without call c# method in source code directly]
C#
5
star
39

NativePayload_ASM3

NativePayload_ASM/AsynASM , Injecting Meterpreter Payload bytes into local Process via Delegation Technique [Technique D] + in-memory with delay Changing RWX to X [Bypassing AVs]
C#
5
star
40

NativePayload_MP

C# Backdoor & Mapper/Proxy tool (backdoor & proxy tool working in memory only)
C#
4
star
41

Manifest-Creator

C# tool for make XML report from Network Hosts (report contains: Cpu,Bios,Motherboard,Vga,Sound,Hdd,Ram,Display-Monitor,IpAddress,Os,Users,...)
C#
4
star
42

NativePayload_DynLCI

NativePayload_DynLCI , Dynamic Local Code Invoke , Injecting Meterpreter Payload bytes into local Process
C#
4
star
43

NativePayload_JMP4

in C# you can use Emit(Opcodes.jmp,TargetMethod) in your codes without writing any asm bytes in code to jump to pointer of TargetMethod or (MethodInfo) to run in-memory via Emit(Opcodes.jmp, method) in system.reflection namespace
C#
4
star
44

NativePayload_NetMonitor

NativePayload_NetMonitor Monitoring NetworkTraffic over [ICMP/ARP/TCP/UDP + HTTP + DNS] by ws2_32.dll Windows Sockets Library
C#
3
star
45

DamonMohammadbagher

2
star
46

NativePayload_DYN

Compiling Csharp in-memory and Execute to bypass AVs
C#
2
star
47

NativePayload_PingSend

NativePayload_PingSend send data/string (exfiltration) to destination ip via icmp ping packets
C#
1
star