Load dumped Csharp binaries as assemblies and launch them in memory bypassing AMSI and ETW.
This tool is deeply inspired by @s3cur3th1ssh1t and @Byt3bl33d3r work on Nim, and the Invoke-Sharploader and netLoader tools.
This tool is actually three:
This is a slight modification of the tool described at https://s3cur3th1ssh1t.github.io/Playing-with-OffensiveNim It dumps a Csharp tool's bytes to a txt file.
a tool to encrypt/decript files
The main tool that loads dumped/encrypted files from file or url
You can see a demo here: https://youtu.be/AkxCnHMjz7s