Been doing red team work in C# for a while. Kept rewriting the same P/Invoke blocks and syscall wrappers for every project. Got tired of it so I bundled everything into one library.
SharpKit is a .NET 8 library for offensive operations. No external NuGet dependencies. Just System.Net.Http, System.Runtime.InteropServices, and System.Net.Sockets.
What it does:
Syscalls with runtime SSN extraction (parses ntdll in memory, no hardcoded numbers)
Indirect syscall stubs with custom gadgets
Process injection: CreateRemoteThread, NtCreateThreadEx, QueueUserAPC, process hollowing
Win32 P/Invoke for kernel32, advapi32, ntdll
Kerberos builders: AS-REQ, TGS-REQ, AP-REQ, S4U2Self, S4U2Proxy, kerberoast hash formatter
HttpAgent with NTLM/Basic/Bearer auth and proxy support
PacketCrafter for raw ARP, DNS, TCP, UDP
Example for syscalls:
Syscalls.Initialize();
var status = Syscalls.NtAllocateVirtualMemory(procHandle, ref baseAddr, IntPtr.Zero, ref size, 0x3000, 0x04);
The syscall module extracts SSNs at runtime so you don't need to hardcode them per Windows version. It also supports indirect dispatch via jmp r11 if you have a gadget.
NuGet: SharpKit.Offensive
Docs: github.com/CzaxStudio/SharpKit-Docs
Repo: github.com/CzaxStudio/SharpKit
Built for legal red teaming and research. Feedback welcome.
Top comments (0)