
URL: https://dev.to/czax225/i-wrote-a-net-library-for-syscalls-and-process-injection-19ja

I wrote a .NET library for syscalls and process injection


Been doing red team work in C# for a while. Kept rewriting the same P/Invoke blocks and syscall wrappers for every project. Got tired of it so I bundled everything into one library.

SharpKit is a .NET 8 library for offensive operations. No external NuGet dependencies. Just System.Net.Http, System.Runtime.InteropServices, and System.Net.Sockets.

What it does:

Syscalls with runtime SSN extraction (parses ntdll in memory, no hardcoded numbers)

Indirect syscall stubs with custom gadgets

Process injection: CreateRemoteThread, NtCreateThreadEx, QueueUserAPC, process hollowing

Win32 P/Invoke for kernel32, advapi32, ntdll

Kerberos builders: AS-REQ, TGS-REQ, AP-REQ, S4U2Self, S4U2Proxy, kerberoast hash formatter

HttpAgent with NTLM/Basic/Bearer auth and proxy support

PacketCrafter for raw ARP, DNS, TCP, UDP

Example for syscalls:

```csharp
Syscalls.Initialize();
// 0x3000 = MEM_COMMIT | MEM_RESERVE, 0x04 = PAGE_READWRITE
var status = Syscalls.NtAllocateVirtualMemory(procHandle, ref baseAddr, IntPtr.Zero, ref size, 0x3000, 0x04);
```

The syscall module extracts SSNs at runtime so you don't need to hardcode them per Windows version. It also supports indirect dispatch via jmp r11 if you have a gadget.

NuGet: SharpKit.Offensive
Docs: github.com/CzaxStudio/SharpKit-Docs
Repo: github.com/CzaxStudio/SharpKit

Built for legal red teaming and research. Feedback welcome.
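
For defenders who need to know whether this package is present in a source tree or build output, here is an added example (not part of the original post or of the SharpKit project) that sweeps a directory for references to the NuGet id SharpKit.Offensive in .csproj files, packages.lock.json and *.deps.json. The sample tree it builds is constructed; the project names and version strings in it are placeholders.

```python
import json
import re
from pathlib import Path

PACKAGE_ID = "SharpKit.Offensive"  # NuGet id named in the post
_REF = re.compile(r'<PackageReference\b[^>]*\b(?:Include|Update)\s*=\s*"([^"]+)"', re.I)

def _ids_in_project(text):  # *.csproj: <PackageReference Include="id" ... />
    return {m.lower() for m in _REF.findall(text)}  # NuGet ids are case-insensitive

def _ids_in_lock(text):  # packages.lock.json: {"dependencies": {tfm: {id: {...}}}}
    deps = json.loads(text).get("dependencies", {})
    return {pid.lower() for tfm in deps.values() for pid in tfm}

def _ids_in_deps(text):  # <app>.deps.json: {"libraries": {"id/version": {...}}}
    libs = json.loads(text).get("libraries", {})
    return {key.split("/", 1)[0].lower() for key in libs}

PARSERS = (("*.csproj", _ids_in_project), ("packages.lock.json", _ids_in_lock),
           ("*.deps.json", _ids_in_deps))

def find_references(root, package_id=PACKAGE_ID):
    """Return sorted paths (relative to root) of files that reference package_id."""
    root, hits = Path(root), []
    for pattern, parser in PARSERS:
        for path in root.rglob(pattern):
            try:
                ids = parser(path.read_text(encoding="utf-8-sig", errors="replace"))
            except (OSError, ValueError, AttributeError, TypeError):
                continue  # unreadable or malformed file: skip it, keep sweeping
            if package_id.lower() in ids:
                hits.append(path.relative_to(root).as_posix())
    return sorted(hits)

def build_sample_tree(root):
    """Write a constructed sample tree; names and versions are placeholders."""
    proj = '<Project><ItemGroup><PackageReference Include="%s" Version="0.0.0" /></ItemGroup></Project>'
    files = {
        "app/tool.csproj": proj % "sharpkit.offensive",
        "app/packages.lock.json": json.dumps({"version": 1, "dependencies": {"net8.0": {PACKAGE_ID: {"type": "Direct"}}}}),
        "app/bin/tool.deps.json": json.dumps({"libraries": {PACKAGE_ID + "/0.0.0": {"type": "package"}}}),
        "clean/clean.csproj": proj % "Example.Logging",
    }
    for rel, body in files.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body, encoding="utf-8")
```

The deps.json check matters for hosts that only hold published output, where no project file or lock file exists.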