naksyn / Pyramid

a tool to help operate in EDRs' blind spots
Apache License 2.0

Add Python.NET base example #3

Closed snovvcrash closed 2 years ago

snovvcrash commented 2 years ago

Just playing with executing .NET assemblies here. SharpSecDump is in the demo below 👇🏻

https://user-images.githubusercontent.com/23141800/194651789-b6e12646-4b15-4339-86a5-cb137b9a2775.mp4

naksyn commented 2 years ago

Hi @snovvcrash, this is awesome, thanks!! May I ask if your demo is still working smoothly using the official compiled runtime NuGet Python.Runtime.dll? You can find it in the lib directory after downloading the package here: https://www.nuget.org/api/v2/package/pythonnet/3.0.0 If it goes well, we can substitute the compiled dll with the NuGet one. If you don't mind, could you also remove the pythonnet pycache folders so we won't leave any personal info floating around in the repo? By the way, you chose a great domain name for your lab :)

Thanks again!

Diego

snovvcrash commented 2 years ago

Hey @naksyn, thanks for the review and for the kind words!

I've cleaned up the pycache (don't tell anyone that I've opened a PR with it 🤦🏻‍♂️) and also replaced Python.Runtime.dll with the one from NuGet --> SHA1:25b062297880630489fbe5c6354d73c7d755a2aa.

Everything keeps working smoothly 👌🏻

naksyn commented 2 years ago

OK! PR merged and thanks again!