This is a game changer for red teaming and offensive security. The guys from SpecterOps have just published GhostPack. This represents the transition from Offensive PowerShell frameworks to C# frameworks. This was much expected as blue teams are catching up on PowerShell detection/prevention controls. Moreover, red teams need “offense in depth” having different variations of their toolset based on the engagement needs.

GhostPack is a collection various C# implementations of previous PowerShell functionality, and includes six separate toolsets being released:

• Seatbelt is by far the meatiest project being released. It’s a clearinghouse of situational awareness “safety checks”.
• SharpUp is the start of a C# port of PowerUp’s privilege escalation checks.
• SharpRoast is a C# port of various PowerView’s Kerberoasting functionality. 
• SharpDump is a essentially C# port of various PowerSploit’s Out-Minidump.ps1 functionality.
• SafetyKatz is a combination of SharpDump, @gentilkiwi’s Mimikatz project, and @subtee’s .NET PE loader.
• SharpWMI  is a simple C# wrapper for various WMI functionality.

Happy testing and updating your controls ;)

References:

• https://posts.specterops.io/ghostpack-d835018c5fc4
• https://github.com/GhostPack