/SharpCollection

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

SharpCollection

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Is your favorite tool missing? Feel free to open an issue or DM me on twitter @Flangvik
Please note that Cobalt Strike's execute-assembly only accepts binaries compiled with the "Any CPU" configuration.

Azure DevOps?

Each night at 03:00 AM, the Azure DevOps pipeline checks for new commits to all repositories master branch. Branches with changes will be automatically fetched and compiled with different framework targets as well as architectures, before being pushed to this repo.

The pipeline can be found here: https://dev.azure.com/FlangvikDev/SharpRelease

OpSec

Should I blindly deploy any of these binaries during real-life engagements?
F*ck no, always look through anything that you deploy on a client machine or network. Eg https://github.com/dnSpy/dnSpy
Deploying anything blindly from this repo should be reserved for Lab environment, VM's , HTB, detection mapping, and so forth.

Available builds

Tools \ .NET Framework NET 4.0 NET 4.5 NET 4.7
SharpSphere ✔️ ✔️
Grouper2 ✔️ ✔️ ✔️
SauronEye ✔️
SharpMove ✔️ ✔️ ✔️
SharpHandler ✔️ ✔️ ✔️
SharpAllowedToAct ✔️ ✔️ ✔️
SharpMapExec ✔️ ✔️ ✔️
StandIn ✔️ ✔️ ✔️
TruffleSnout ✔️ ✔️
SharpSecDump ✔️ ✔️ ✔️
SharpCrashEventLog ✔️ ✔️ ✔️
SharpKatz ✔️ ✔️ ✔️
SharpZeroLogon ✔️ ✔️ ✔️
SharpChromium ✔️ ✔️ ✔️
StickyNotesExtract ✔️ ✔️ ✔️
ThunderFox ✔️ ✔️ ✔️
SharpRDP ✔️ ✔️
SharpView ✔️ ✔️
SweetPotato ✔️ ✔️
ADCollector ✔️ ✔️ ✔️
SharpAppLocker ✔️ ✔️
SharpDump ✔️ ✔️ ✔️
LockLess ✔️ ✔️ ✔️
Seatbelt ✔️ ✔️ ✔️
SharpDPAPI ✔️ ✔️ ✔️
SharpChrome ✔️ ✔️ ✔️
SharpUp ✔️ ✔️ ✔️
Rubeus ✔️ ✔️ ✔️
SharpWMI ✔️ ✔️ ✔️
SafetyKatz ✔️ ✔️ ✔️
SharpShares ✔️ ✔️ ✔️
SharpSpray ✔️ ✔️ ✔️
SharpTask ✔️ ✔️ ✔️
SharpDir ✔️ ✔️ ✔️
SharpReg ✔️ ✔️ ✔️
SharpSvc ✔️
Shhmon ✔️ ✔️ ✔️
Watson ✔️ ✔️ ✔️
winPEAS ✔️ ✔️
SharpStay ✔️ ✔️ ✔️
SharpFiles ✔️ ✔️ ✔️
SharpHose ✔️ ✔️
SharpDoor ✔️ ✔️ ✔️
WMIReg ✔️ ✔️ ✔️
scout ✔️ ✔️ ✔️
SharpBlock ✔️ ✔️ ✔️
SharpCloud ✔️ ✔️ ✔️
SharpGPOAbuse ✔️ ✔️ ✔️
PurpleSharp ✔️ ✔️
SharpChisel ✔️ ✔️ ✔️
InveighZero ✔️ ✔️ ✔️
BetterSafetyKatz ✔️ ✔️ ✔️
SharpHound3 ✔️
Snaffler ✔️
SearchOutlook ✔️ ✔️ ✔️
SharpMiniDump ✔️ ✔️ ✔️
ADSearch ✔️
AtYourService ✔️ ✔️ ✔️
SqlClient ✔️ ✔️ ✔️

Sources / Credits

Links for all these amazing tools are below :)

  • SharpSphere - C# SharpSphere has the ability to interact with the guest operating systems of virtual machines managed by vCenter. @jkcoote & @grzryc
  • Grouper2 - C# tool to help find security-related misconfigurations in Active Directory Group Policy. @mikeloss
  • SauronEye - C# search tool find specific files containing specific keywords (.doc, .docx, .xls, .xlsx). @_vivami
  • SharpMove - C# tool for performing lateral movement techniques @0xthirteen
  • SharpHandler - C# tool for stealing/duping handles to LSASS @Jean_Maes_1994
  • SharpMapExec - C# version of @byt3bl33d3r's tool CrackMapExec @cube0x0
  • SharpAllowedToAct - C# implementation of a computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity) @pkb1s
  • SpoolSample - C# PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface @leechristensen
  • StandIn - C# based small AD post-compromise toolkit. @FuzzySec
  • TruffleSnout - C# based iterative AD discovery toolkit for offensive operators. @dsnezhkov
  • SharpSecDump - C# port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py @G0ldenGunSec
  • SharpCrashEventLog - C# port of LogServiceCrash @slyd0g @limbenjamin
  • SharpKatz - PURE C# port of significant MimiKatz functionality such as logonpasswords, dcsync, etc. @b4rtik
  • SharpZeroLogon - C# port of CVE-2020-1472 , a.k.a. Zerologon. @buffaloverflow
  • SharpChromium - C# Project to retrieve Chromium data, such as cookies, history and saved logins. @djhohnstein
  • SharpRDP - C# Remote Desktop Protocol Console Application for Authenticated Command Execution @0xthirteen
  • StickyNotesExtract - C# tool that extracts data from the Windows Sticky Notes database. @V1V1
  • ThunderFox - C# Retrieves data (contacts, emails, history, cookies and credentials) from Thunderbird and Firefox. @V1V1
  • SharpAppLocker - C# port of the Get-AppLockerPolicy PS cmdlet with extended features @Flangvik
  • SqlClient - C# .NET mssql client for accessing database data through beacon. @FortyNorthSecurity
  • SharpDump - SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality. @GhostPack
  • SharpView - C# implementation of harmj0y's PowerView. @tevora-threat
  • LockLess - Allows for the copying of locked files. @GhostPack
  • Seatbelt - Performs a number of security oriented host-survey "safety checks". @GhostPack
  • SharpDPAPI - C# port of some Mimikatz DPAPI functionality. @GhostPack
  • SharpChrome - Chrome-specific implementation of SharpDPAPI capable of cookies and logins decryption/triage. @GhostPack
  • SharpUp - C# port of various PowerUp functionality. @GhostPack
  • Rubeus - C# toolset for raw Kerberos interaction and abuses. @GhostPack
  • SharpWMI - C# implementation of various WMI functionality. @GhostPack
  • SafetyKatz - Combination of slightly modified version of @gentilkiwi's Mimikatz project and @subTee's .NET PE Loader. @GhostPack
  • SharpShares - Enumerate all network shares in the current domain. @djhohnstein
  • SharpSpray - C# tool to perform a password spraying attack against all users of a domain using LDAP. @jnqpblc
  • SharpTask - C# tool to interact with the Task Scheduler service api. @jnqpblc
  • SharpDir - C# tool to search both local and remote file systems for files. @jnqpblc
  • SharpReg - C# tool to interact with the Remote Registry service api. @jnqpblc
  • SharpSvc - C# tool to interact with the SC Manager API. @jnqpblc (Only NET 4.7)
  • Shhmon - Neutering Sysmon via driver unload. @Shhmon
  • Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities . @rasta-mouse
  • winPEAS - PEASS - Privilege Escalation Awesome Scripts (winPEAS). @carlospolop
  • SharpStay - .NET project for installing Persistence. @0xthirteen
  • SharpFiles - C# tool to search for files based on SharpShares output. @fullmetalcache
  • SharpHose - Asynchronous Password Spraying Tool in C# for Windows Environments . @ustayready
  • SharpDoor - C# tool to allow multiple RDP (Remote Desktop) sessions by patching termsrv.dll file. @infosecn1nja
  • WMIReg - C# PoC to interact with local/remote registry hives through WMI. @airzero24
  • scout - A .NET assembly for performing recon against hosts on a network . @jaredhaight
  • SharpBlock - A method of bypassing EDR's active projection DLL's by preventing entry point exection. @CCob
  • SweetPotato - Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019 . @CCob
  • SharpCloud - Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute. @chrismaddalena
  • SharpGPOAbuse - SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO). @FSecureLABS
  • PurpleSharp - C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments. @mvelazc0
  • SharpChisel - C# Chisel Wrapper. @shantanu561993
  • InveighZero - Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 spoofer/man-in-the-middle tool . @Kevin-Robertson
  • BetterSafetyKatz - Fork of SafetyKatz dynamically fetches the latest Mimikatz, runtime patching signatures and PE loads Mimikatz into memory. @Flangvik
  • SharpHound3 - C# Rewrite of the BloodHound Ingestor. @BloodHoundAD
  • Snaffler - C# tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible). @SnaffCon
  • SearchOutlook - C# tool to search through a running instance of Outlook for keywords @RedLectroid
  • SharpMiniDump - C# tool to Create a minidump of the LSASS process from memory @b4rtik
  • ADSearch - C# tool to help query AD via the LDAP protocol @tomcarver16 (Only NET 4.7)
  • ADCollector - C# tool to quickly extract valuable information from the Active Directory environment @dev-2null
  • AtYourService - C# .NET Assembly for Service Enumeration @mitchmoser