> For the complete documentation index, see [llms.txt](https://ppn.snovvcra.sh/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://ppn.snovvcra.sh/pentest/infrastructure/ad/av-edr-evasion/dotnet-assembly/dotnet-config-loader.md).

# .NET Config Loader

* <https://gist.github.com/djhohnstein/afb93a114b848e16facf0b98cd7cb57b>
* <https://gist.github.com/byt3bl33d3r/de10408a2ac9e9ae6f76ffbe565456c3>
* <https://pentestlaboratories.com/2020/05/26/appdomainmanager-injection-and-detection/>
* <https://www.mdsec.co.uk/2020/06/detecting-and-advancing-in-memory-net-tradecraft/>
* <https://www.rapid7.com/blog/post/2023/05/05/appdomain-manager-injection-new-techniques-for-red-teams/>
* <https://github.com/netbiosX/Ghostloader>
* <https://github.com/Mr-Un1k0d3r/.NetConfigLoader>
* <https://ipslav.github.io/2023-12-12-let-me-manage-your-appdomain/>
* <https://github.com/ipSlav/DirtyCLR>
