Outer Web | Explore

Explore >> Select a destination

You are here		thewover.github.io Emulating Covert Operations - Dynamic Invocation (Avoiding PInvoke & API Hooks) - The Wover - Red Teaming, .NET, and random computing topics
\|	\|	blog.redxorblue.com Assembly.Lie - Using Transactional NTFS and API Hooking to Trick the CLR into Loading Your Code "From Disk"	3.3 parsecs away Travel
\|	\|	Introduction: Assembly.Load, a method that has been one of the primary reasons for the meteoric rise in offensive tooling written in C# ov...	3.3 parsecs away Travel
\|	\|	www.codeproject.com Injecting .NET Assemblies Into Unmanaged Processes - CodeProject	3.1 parsecs away Travel
\|	\|	A detailed analysis of how to inject the .NET runtime and arbitrary .NET assemblies into unmanaged and managed processes; and how to execute managed code within those processes.	3.1 parsecs away Travel
\|	\|	bohops.com Unmanaged Code Execution with .NET Dynamic PInvoke - bohops	2.0 parsecs away Travel
\|	\|	Yes, you read that correctly - "Dynamic Pinvoke" as in "Dynamic Platform Invoke" Background Recently, I was browsing through Microsoft documentation and other blogs to gain a better understanding of .NET dynamic types and objects. I've always found the topic very interesting mainly due to its relative obscurity and the offensive opportunities for defensive evasion....	2.0 parsecs away Travel
\|	\|	pentestlaboratories.com AppDomainManager Injection and Detection \| Pentest Laboratories	53.1 parsecs away Travel
\|		Microsoft .NET framework is being heavily utilized by threat actors and red teams for defense evasion and staying off the radar during operations. Every .NET binary contains application domains where assemblies are loaded in a safe manner. The AppDomainManager object can be used to create new ApplicationDomains inside a .NET process. From the perspective of...	53.1 parsecs away Travel