Od1n – An Offensive, Defensive, Intelligence and Networking library

Od1n – Offensive, Defensive, Intelligence and Networking Library

Yes, this is yet another post exploitation c# framework… I apologize 🙂 Yes, I know there are lots of other frameworks out there, and more .net/C# ones every other week. “This is my [post exploitation c# framework]. There are many like it, but this one is mine.”

Full (well almost) documentation is available here. If you have any questions, or just want to have a chat you can access the dedicated slack here

Why?

There’s lots of things rattling around in my head that I needed to get out of there, I was low on storage space :p

About Me

I’m a Windows .Net developer, and I’ve spent a large portion of my career writing products that are used for network discovery and inventory. Typically agent-less, so lots of networking stuff. The systems I’ve worked on to gather inventory information on have ranged from HP-UX, AIX, Linux, SCO (yes, really, that SCO) and of course lots of versions of Windows. This information was used for everything from patching, dependency mapping and license management/SAM

What’s in it?

Since I come from a Windows development background, lot’s of very windows-centric stuff. It varies from simple wrapper classes around existing Windows API to low level packet bashing. I’ll hopefully be adding a proper NDIS implementation in the future for more interesting stuff like 802.11 de-auth messages.

Od1n

This is the main framework project which contains most of the code.

Od1n Console

This is an example console application, that exposes several example uses for the Od1n framework. It is not exhaustive and is a work in progress. Examples are funnily enough located in the Examples folder.

Acknowledgements

There have been many sites and tools were invaluable over the course of my career and while working on this project. They are (in no particular order):

  • Microsoft documentation Fantastic resource, and much improved in the last few years
  • PInvoke.net When 1st working with pinvoke, this site was of enormous help.
  • magnumdb.com Ever needed an enum value and couldn’t find it in Microsoft’s documentation? It’s probably here
  • Network Sorcery Seriously, the RFC Sourcebook is awesome. It’s great for implementing protocols.
  • Dependency Walker Great tool to find where specific functions are and what their entry points are
  • StackOverflow… What can I say? It’s the go to source for every developer
  • Sysinternals Process Monitor, Process Explorer
  • Hacking Exposed – Windows This is probably out of print now (2nd edition was 2003), but it was great when I was getting started in Windows development
  • Windows Networking Essentials Is also a great resource
  • Reference Source This is useful for finding method or constant value information There’s lots more, and I’ll add them as I remember them 🙂