Stracciatella
Stracciatella copied to clipboard
mgeeky
OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
Hello, my favourite malware dev! Im still playing with that tool and notices output problem. When i just use "stracciatella" command in Cobalt Strike, everything is fine:  But when...
hello friend , does the pipe name matters ? should the pipe exits on the target machine? Stracciatella seems always to be executing command on local machine and ignore the...
**Config:** * commit `3c3e059` (currently the latest) compiled with the default configuration for .NET 4. * Tested against Server 2016 and Windows 10 (from DetectionLab) * Execution via CNA script...
The original bofnet_stracciatella_script command uses bofnet_executeassembly, which is blocking. I think this means that if the script is bigger than 20000 bytes (and a named pipe will be used), the...
Isn't the main idea of UnmanagedPowershell that you can run powershell from unmanaged code like c++ instead of .NET code like C#? You wrote that the idea is to run...
