{
	"id": "da40f5ed-0200-46b8-935b-19d3c1a2a9a6",
	"created_at": "2026-04-06T00:06:26.586625Z",
	"updated_at": "2026-04-10T13:11:36.990736Z",
	"deleted_at": null,
	"sha1_hash": "33ef4ade5c4d5ac568133b4d5fd06df56505b54b",
	"title": "GitHub - cobbr/SharpSploit: SharpSploit is a .NET post-exploitation library written in C#",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 51627,
	"plain_text": "GitHub - cobbr/SharpSploit: SharpSploit is a .NET post-exploitation library written in C#\r\nBy cobbr\r\nArchived: 2026-04-05 20:27:19 UTC\r\nSharpSploit is a .NET post-exploitation library written in C# that aims to highlight the attack surface of .NET and\r\nmake the use of offensive .NET easier for red teamers.\r\nSharpSploit is named, in part, as a homage to the PowerSploit project, a personal favorite of mine! While\r\nSharpSploit does port over some functionality from PowerSploit, my intention is not at all to create a direct port\r\nof PowerSploit. SharpSploit will be it's own project, albeit with similar goals to PowerSploit.\r\nIntro\r\nYou'll find some details and motivations for the SharpSploit project in this introductory blog post.\r\nDocumentation\r\nThe complete SharpSploit API docfx documentation is available here.\r\nFor an easier to read, high-level quick reference and summary of SharpSploit functionality, refer to the\r\nSharpSploit - Quick Command Reference.\r\nCredits\r\nI owe a ton of credit to a lot of people. Nearly none of SharpSploit is truly original work. SharpSploit ports\r\nmany modules written in PowerShell by others, utilizes techniques discovered by others, and borrows ideas and\r\ncode from other C# projects as well. With that being said, I'd like to thank the following people for contributing to\r\nthe project (whether they know they did or not :)):\r\nJustin Bui (@youslydawg) - For contributing the SharpSploit.Enumeration.Host.CreateProcessDump()\r\nfunction.\r\nMatt Graeber (@mattifestation), Will Schroeder (@harmj0y), and Ruben (@FuzzySec) - For their work on\r\nPowerSploit.\r\nWill Schroeder (@harmj0y) - For the PowerView project.\r\nAlexander Leary (@0xbadjuju) - For the Tokenvator project.\r\nJames Foreshaw (@tiraniddo) - For his discovery of the token duplication UAC bypass technique\r\ndocumented here.\r\nMatt Nelson (@enigma0x3) - For his Invoke-TokenDuplication implementation of the token duplication\r\nUAC bypass, as well his C# shellcode execution method.\r\nBenjamin Delpy (@gentilkiwi) - For the Mimikatz project.\r\nhttps://github.com/cobbr/SharpSploit\r\nPage 1 of 2\n\nCasey Smith (@subtee) - For his work on a C# PE Loader.\r\nChris Ross (@xorrior) - For his implementation of a Mimikatz PE Loader found here.\r\nMatt Graeber (@mattifestation) - For discovery of the AMSI bypass found here.\r\nLee Christensen (@tifkin_) - For the discovery of the PowerShell logging bypass found here.\r\nAll the contributors to www.pinvoke.net - For numerous PInvoke signatures.\r\nSource: https://github.com/cobbr/SharpSploit\r\nhttps://github.com/cobbr/SharpSploit\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://github.com/cobbr/SharpSploit"
	],
	"report_names": [
		"SharpSploit"
	],
	"threat_actors": [],
	"ts_created_at": 1775433986,
	"ts_updated_at": 1775826696,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/33ef4ade5c4d5ac568133b4d5fd06df56505b54b.pdf",
		"text": "https://archive.orkl.eu/33ef4ade5c4d5ac568133b4d5fd06df56505b54b.txt",
		"img": "https://archive.orkl.eu/33ef4ade5c4d5ac568133b4d5fd06df56505b54b.jpg"
	}
}