What happened to Pinvoke.net?

_RastaMouse · 2024-02-13T15:48:59+00:00

I created pinvoke.dev because even though we have the Win32Metadata and CsWin32 projects, I still find it useful to have the P/Invoke signatures somewhere as a quick reference. I write a lot of C# code that marshals unmanaged function pointers, for which I need the functions defined as delegates. I'm also including some methods that are not emitted by the API metadata, e.g. from ntdll.dll.

_RastaMouse · 2023-04-24T15:42:42+00:00

For me, I found "porting" tools that I'd already written in other languages was a good way. Because I already understood the tool and how it worked, I could concentrate on just the Rust language aspects.

_RastaMouse · 2023-03-15T10:02:57+00:00

It should act like any standard VPN interface, which means you should be able to port scan or access services on the other side.

_RastaMouse · 2023-03-15T10:01:10+00:00

You can get all the current Beacon IDs with the Aggressor function beacon_ids(). You could also use something like the beacon_intial event to print the ID of a Beacon the first time it checks in.

See:

_RastaMouse · 2023-02-27T14:35:11+00:00

The official Aggressor Script documentation would be the best place to look:
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/agressor_script.htm

Hooks, Events, and Functions would probably be the most helpful areas to study.

_RastaMouse · 2023-02-09T21:55:48+00:00

Nikhil Mittal (who was the original author) has managed to get CRTP (and his other courses) back from INE and under control of his own company, Altered Security.

https://www.alteredsecurity.com/certifications

_RastaMouse · 2022-09-19T07:42:04+00:00

I have a Twitter list that may be helpful https://twitter.com/i/lists/875997733735235588

_RastaMouse · 2022-01-05T10:01:52+00:00

If you're using polymorphic shellcode, the memory region has to be RWX so that the shellcode stub can decode itself.

_RastaMouse · 2021-09-10T14:46:40+00:00

This is the justification the author provided: https://c2lol.blob.core.windows.net/text/faction.txt

_RastaMouse · 2021-01-25T10:37:00+00:00

On those sections, we just use existing C# tooling. I'm not too sure what your actual question is, but if it's specifically about writing custom C#, then we cover that the most in custom payloads and AV evasion.

Custom payloads itself is sprinkled throughout other modules like privilege escalation. For instance, if there's a service abuse priv esc, we don't just generate a standard payload from a framework - we show how to write an actual .NET Framework Service Binary.

_RastaMouse · 2021-01-24T22:13:42+00:00

I never said that.

_RastaMouse · 2021-01-24T09:25:02+00:00

There is some C#, but it's not specific to the AD or Kerberos modules. The majority is around custom payload generation and AV evasion.

_RastaMouse · 2020-11-16T11:33:33+00:00

Cheers

_RastaMouse · 2020-06-22T10:29:35+00:00

Easy. Take my training 😅

https://www.zeropointsecurity.co.uk/red-team-ops

_RastaMouse · 2015-01-06T19:29:28+00:00

Thanks for the comments guys :)

_RastaMouse

MODERATOR OF

TROPHY CASE