ooooo        ooooo ooooo      ooo ooooo     ooo ooooooo  ooooo   .oooooo.   ooooooooo.   
     `888'        `888' `888b.     `8' `888'     `8'  `8888    d8'   d8P'  `Y8b  `888   `Y88. 
      888          888   8 `88b.    8   888       8     Y888..8P    888      888  888   .d88' 
      888          888   8   `88b.  8   888       8      `8888'     888      888  888ooo88P'  
      888          888   8     `88b.8   888       8     .8PY888.    888      888  888`88b.    
      888       o  888   8       `888   `88.    .8'    d8'  `888b   `88b    d88'  888  `88b.  
     o888ooooood8 o888o o8o        `8     `YbodP'    o888o  o88888o  `Y8bood8P'  o888o  o888o 

.NET Core - SOFT

.NET Core - DOC

.NET Core - Low level info

  • ASP.NET 5 - A Deep Dive into the ASP.NET 5 Runtime

  • The .NET Compiler Platform ("Roslyn")
    The .NET Compiler Platform ("Roslyn") provides open-source C# and Visual Basic compilers with rich code analysis APIs.

  • Learn Roslyn Now (****)
    - Part 1: Installing Roslyn
    - Part 2: Analyzing Syntax Trees With LINQ
    - Part 3: Syntax Nodes and Syntax Tokens
    - Part 4: CSharpSyntaxWalker
    - Part 5: CSharpSyntaxRewriter
    - Part 6: Working with Workspaces
    - Part 7: Introducing the Semantic Model
    - Part 8: Data Flow Analysis
    - Part 9: Control Flow Analysis
    - Part 10: Introduction to Analyzers
    - Part 11: Introduction to Code Fixes
    - Part 12: The DocumentEditor
    - Part 13: Syntax Annotations
    - Part 14: Introduction to the Scripting API
    - Part 15: The SymbolVisitor
    - Part 16: The Emit API



.NET Core - BUGS




  • dnSpy - .NET assembly editor, decompiler, and debugger (*****)
    dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies (eg. malware) without crashing.

  • de4dot - .NET deobfuscator and unpacker (****)
    de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will try its best to restore a packed and obfuscated assembly to almost the original assembly. Most of the obfuscation can be completely restored (eg. string encryption), but symbol renaming is impossible to restore since the original names aren't (usually) part of the obfuscated assembly.

  • GrayStorm
    GrayStorm is an in memory attack platform that targets the .NET Framework and is injectable by utilizing GrayFrost.
    - Attack the .NET JIT
    - Attack .NET at the ASM level
    - Use ASM and Metasploit payloads
    - Utilize objects on the Managed Heap
    - Read/Write a Method's ASM
    - Use on-the-fly compiled C# to overwrite call addresses and JIT Stubs
    - Disassemble a Method's ASM with BeaEngine.

  • ILSpy
    ILSpy is the open-source .NET assembly browser and decompiler.

  • Reflexil
    Reflexil - github
    Reflexil is an assembly editor and runs as a plug-in for Red Gate's Reflector, ILSpy and Telerik's JustDecompile. Reflexil is using Mono.Cecil, written by Jb Evain and is able to manipulate IL code and save the modified assemblies to disk. Reflexil also supports C#/VB.NET code injection.

  • Justdecompile
    Free. For everyone. Forever. With an open source decompilation engine

  • Jetbrains dotPeek
    Free .NET Decompiler and Assembly Browser

  • ConfuseEx
    ConfuseEx - github
    ConfuserEx is an free, open-source protector for .NET applications. It is the successor of Confuser project.