InMemoryNET
This project is entirely a POC, it was my research into looking at how execute-assembly works within Cobalt Strike.
I originally wrote this about two years ago, but I felt I needed to update to download file remotely in order to test In-Process Patchless AMSI Bypass from EthicalChaos. Albeit, this project does NOT contain that POC.
InMemoryNET will:
- Reach out to a URL
- Download a file to a buffer
- Execute via CLR
Referenced projects:
Example:
~ InMemoryNET ~
InMemoryNET.exe <url> <assembly args>