Skip to content

Latest commit

 

History

History

EnumDotnet

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
beacon.h
beacon.h
 
 
bofcompile.bat
bofcompile.bat
 
 
enumdotnet.c
enumdotnet.c
 
 
enumdotnet.cna
enumdotnet.cna
 
 
enumdotnet.h
enumdotnet.h
 
 
enumdotnet.o
enumdotnet.o
 
 

README.md

EnumDotnet

Enumerate processes that most likely have .NET loaded by searching for the section name: \BaseNamedObjects\Cor_Private_IPCBlock(_v4)_<ProcessId>

Usage

  • enumdotnet

Compile

  • 1. Make sure Visual Studio is installed and supports C/C++.
  • 2. Open the x64 Native Tools Command Prompt for VS <2019/2022> terminal.
  • 3. Run the bofcompile.bat script to compile the object file.
  • 4. In Cobalt strike, use the script manager to load the .cna script to import the tool.