Alternatives to whoami
Some experiments to retrieve the current username without calling whoami.exe or similar binaries, all of them using C# (and P/Invoke).
Ethical hacker | OSCE(3) CRTM CRTL GXPN GRTP GCIH GCPN
Some experiments to retrieve the current username without calling whoami.exe or similar binaries, all of them using C# (and P/Invoke).
Alternative to whoami.exe or other well-known binaries to get the environment variables. It is written in C# and I guess it is stealthier because it gets the values parsing the PEB structure.
C# PoC of Guard Pages hooking. It is a type of API hooking which can be achieved from userland and does not require patching functions.
C# program to read, write and delete Extended Attributes (EAs) to “hide” malicious payloads within NTFS filesystems.
C# program to write, read, delete or list Alternate Data Streams (ADS) within NTFS.
Python script to count exact total number of stars for any Github user
GetModuleHandle implementation in C# using only the NtQueryInformationProcess API call.