Dumping Jenkins credentials
A very dumb way to access Jenkins protected credentials which I have not found documented anywhere.
C# implementation of GetModuleHandle for remote processes
GetModuleHandle implementation for remote processes in C# using only NTAPIs: NtQueryInformationProcess, NtReadVirtualMemory and NtOpenProcess.
p-invoke.net - Website with P/Invoke definitions
This website contains most of the P/Invoke definitions from the now offline pinvoke.net, adding the link to the Microsoft documentation for each one.
MinidumpParser
C# program to parse Microsoft Minidump files.
SharpObfuscate - Payload obfuscation in C#
SharpObfuscate transforms a payload into a list of IPv4, IPv6, MAC or UUID strings. It takes the bytes from a hexadecimal string, a file in the system, a file downloaded from a URL or an ordinary string.
SharpProcessDump - Dump processes using C#
Dump memory regions of a process which are readable (no PAGE_NOACCESS protection) and are commited (MEM_COMMIT state) using only native API calls.
SharpNtdllOverwrite - API Unhooking overwriting ntdll.dll
Overwrite ntdll.dll’s “.text” section using a clean version of the DLL. It can help to evade security measures that install API hooks such as EDRs.