Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Is your favorite tool missing? Feel free to open an issue or DM me on twitter @Flangvik
Each night at 03:00 AM, the Azure DevOps pipeline checks for new commits to all repositories master branch. Branches with changes will be automatically fetched and compiled with different framework targets as well as architectures, before being pushed to this repo.
The pipeline can be found here: https://dev.azure.com/FlangvikDev/SharpRelease
| Tools \ .NET Framework | NET 4.0 | NET 4.5 | NET 4.7 |
|---|---|---|---|
| ADCollector | ✔️ | ✔️ | ❌ |
| SharpDump | ✔️ | ✔️ | ❌ |
| LockLess | ✔️ | ✔️ | ❌ |
| Seatbelt | ✔️ | ✔️ | ❌ |
| SharpDPAPI | ✔️ | ✔️ | ❌ |
| SharpUp | ✔️ | ✔️ | ❌ |
| Rubeus | ✔️ | ✔️ | ❌ |
| SharpWMI | ✔️ | ✔️ | ❌ |
| SafetyKatz | ✔️ | ✔️ | ❌ |
| SharpShares | ✔️ | ✔️ | ❌ |
| SharpSpray | ✔️ | ✔️ | ❌ |
| SharpTask | ✔️ | ✔️ | ❌ |
| SharpDir | ✔️ | ✔️ | ❌ |
| SharpReg | ✔️ | ✔️ | ❌ |
| SharpSvc | ❌ | ❌ | ✔️ |
| Shhmon | ✔️ | ✔️ | ❌ |
| Watson | ✔️ | ✔️ | ❌ |
| winPEAS | ✔️ | ✔️ | ❌ |
| SharpStay | ✔️ | ✔️ | ❌ |
| SharpFiles | ✔️ | ✔️ | ❌ |
| SharpHose | ❌ | ✔️ | ❌ |
| SharpDoor | ✔️ | ✔️ | ❌ |
| WMIReg | ✔️ | ✔️ | ❌ |
| scout | ✔️ | ✔️ | ❌ |
| SharpBlock | ✔️ | ✔️ | ❌ |
| SharpCloud | ✔️ | ✔️ | ❌ |
| SharpGPOAbuse | ✔️ | ✔️ | ❌ |
| PurpleSharp | ✔️ | ✔️ | ❌ |
| SharpChisel | ✔️ | ✔️ | ❌ |
| InveighZero | ✔️ | ✔️ | ❌ |
| BetterSafetyKatz | ✔️ | ✔️ | ❌ |
| SharpHound3 | ❌ | ✔️ | ❌ |
| Snaffler | ✔️ | ❌ | ❌ |
| SearchOutlook | ✔️ | ✔️ | ❌ |
| SharpMiniDump | ✔️ | ✔️ | ❌ |
| ADSearch | ❌ | ❌ | ✔️ |
| AtYourService | ✔️ | ✔️ | ✔️ |
| SqlClient | ✔️ | ✔️ | ✔️ |
Links for all these amazing tools are below :)
- SqlClient - C# .NET mssql client for accessing database data through beacon. @FortyNorthSecurity
- SharpDump - SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality. @GhostPack
- LockLess - Allows for the copying of locked files. @GhostPack
- Seatbelt - Performs a number of security oriented host-survey "safety checks". @GhostPack
- SharpDPAPI - C# port of some Mimikatz DPAPI functionality. @GhostPack
- SharpUp - C# port of various PowerUp functionality. @GhostPack
- Rubeus - C# toolset for raw Kerberos interaction and abuses. @GhostPack
- SharpWMI - C# implementation of various WMI functionality. @GhostPack
- SafetyKatz - Combination of slightly modified version of @gentilkiwi's Mimikatz project and @subTee's .NET PE Loader. @GhostPack
- SharpShares - Enumerate all network shares in the current domain. @djhohnstein
- SharpSpray - C# tool to perform a password spraying attack against all users of a domain using LDAP. @jnqpblc
- SharpTask - C# tool to interact with the Task Scheduler service api. @jnqpblc
- SharpDir - C# tool to search both local and remote file systems for files. @jnqpblc
- SharpReg - C# tool to interact with the Remote Registry service api. @jnqpblc
- SharpSvc - C# tool to interact with the SC Manager API. @jnqpblc (Only NET 4.7)
- Shhmon - Neutering Sysmon via driver unload. @Shhmon
- Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities . @rasta-mouse
- winPEAS - PEASS - Privilege Escalation Awesome Scripts (winPEAS). @carlospolop
- SharpStay - .NET project for installing Persistence. @0xthirteen
- SharpFiles - C# tool to search for files based on SharpShares output. @fullmetalcache
- SharpHose - Asynchronous Password Spraying Tool in C# for Windows Environments . @ustayready
- SharpDoor - C# tool to allow multiple RDP (Remote Desktop) sessions by patching termsrv.dll file. @infosecn1nja
- WMIReg - C# PoC to interact with local/remote registry hives through WMI. @airzero24
- scout - A .NET assembly for performing recon against hosts on a network . @jaredhaight
- SharpBlock - A method of bypassing EDR's active projection DLL's by preventing entry point exection. @CCob
- SharpCloud - Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute. @chrismaddalena
- SharpGPOAbuse - SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO). @FSecureLABS
- PurpleSharp - C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments. @mvelazc0
- SharpChisel - C# Chisel Wrapper. @shantanu561993
- InveighZero - Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 spoofer/man-in-the-middle tool . @Kevin-Robertson
- BetterSafetyKatz - Fork of SafetyKatz dynamically fetches the latest Mimikatz, runtime patching signatures and PE loads Mimikatz into memory. @Flangvik
- SharpHound3 - C# Rewrite of the BloodHound Ingestor. @BloodHoundAD
- Snaffler - C# tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible). @SnaffCon
- SearchOutlook - C# tool to search through a running instance of Outlook for keywords @RedLectroid
- SharpMiniDump - C# tool to Create a minidump of the LSASS process from memory @b4rtik
- ADSearch - C# tool to help query AD via the LDAP protocol @tomcarver16 (Only NET 4.7)
- ADCollector - C# tool to quickly extract valuable information from the Active Directory environment @dev-2null
- AtYourService - C# .NET Assembly for Service Enumeration @mitchmoser