https://github.com/processust/sharpvenoma
CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
antivirus bypass edr evasion pentest redteam tool
Last synced: 10 months ago
- Host: GitHub
- URL: https://github.com/processust/sharpvenoma
- Owner: ProcessusT
- Created: 2024-04-21T20:59:44.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-04-22T08:03:54.000Z (almost 2 years ago)
- Last Synced: 2025-04-12T02:12:28.652Z (10 months ago)
- Topics: antivirus, bypass, edr, evasion, pentest, redteam, tool
- Language: C#
- Homepage: https://processus.site
- Size: 1.66 MB
- Stars: 42
- Watchers: 1
- Forks: 6
- Open Issues: 1
Metadata Files:
- Readme: README.md
README
# SharpVenoma
C# reimplementation of Venoma
Another C# Cobalt Strike beacon dropper with custom indirect syscalls execution


> A custom CSharp raw beacon dropper with:
> - DLL Unhooking (Perun's fart)
> - ETW Patching
> - AMSI Patching
> - EnumPageFilesW execution
> - Early Bird APC Execution
> - Indirect syscall execution
>
All functions are included, choose what you need and remove anything else before compiling.
## Usage
Generate your raw payload and use the aes.py file to encrypt the data:

Update the source code and choose what you want to execute:
