Warning: The PoCs in this repository were not created with evading AV in mind. It's more like a reference for me using the Win32 API. If you try to compile and run any of these programs on a modern Windows machine with Defender running, don't be confused if they get deleted instantly.
Compile using the C# compiler
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe <Program>.csHelper class to print the shellcode. Expects to have a shellcode.bin file present (generate with MSFvenom: -f raw -o shellcode.bin)
Execute it:
FormatShellcode.exe shellcode.binInjects the shellcode into the current process.
Execute it:
InjectLocalProcess.exeInjects the shellcode in a remote process.
The process has to have at least the same privileges as the current user executing (eg. non-administrative shells cannot inject into process owned by NT\SYSTEM).
Execute it:
InjectRemoteProcess.exe <ProcessName>Simple PowerShell PoC for local process injection. Since PowerShell leverages the .NET framework, you can re-write every C# code using PowerShell.