RTO
75c6c241e6
QoL update
|
2 jaren geleden | |
|---|---|---|
| .. | ||
| README.md | 2 jaren geleden | |
| beacon.h | 2 jaren geleden | |
| bofcompile.bat | 2 jaren geleden | |
| enumdotnet.c | 2 jaren geleden | |
| enumdotnet.cna | 2 jaren geleden | |
| enumdotnet.h | 2 jaren geleden | |
| enumdotnet.o | 2 jaren geleden | |
README.md
EnumDotnet
Enumerate processes that most likely have .NET loaded by searching for the section name: \BaseNamedObjects\Cor_Private_IPCBlock(_v4)_<ProcessId>
Usage
enumdotnet
Compile
- 1. Make sure Visual Studio is installed and supports C/C++.
- 2. Open the
x64 Native Tools Command Prompt for VS <2019/2022>terminal. - 3. Run the
bofcompile.batscript to compile the object file. - 4. In Cobalt strike, use the script manager to load the .cna script to import the tool.