How to compile, embed and use SharpSploit

SharpSploit is a .NET C# post-exploitation library written by @cobbr_io that tend to be used to facilitate developing many Windows attack surface and makes an easy to understand APIs (even for none C# coders) to deal with Windows APIs. So first, don't expect an exe binary; instead, we are going to compile it to a DLL library to be embedded in our simple binary. Also, I'm expecting that you have already installed Visual Studio 2017, I'm using CommandoVM.

Compiling SharpSploit to DLL

Step #1 | Clone the repository

git clone

Step #2 | Open the project from VS2017

Go to File >> Open and select SharpSploit.sln

Step #3 | Prepare your build

Change the build type to by release instead of debug to avoid exposing metadata and other information about your machine (e.g. your system path that may include your username)

Also, SharpSploit is configured to be compiled with .Net version 4.0+, in my case, only .Net 3.5 was installed, so I've changed the project configurations as the following

Project >> Edit SharpSploit.csproj

Then change net40 to net35 in the configuration file and then Press Ctrl+S to save

Step #4 | Compile the library

Now go to Build >> Build SharpSploit

Once this done, you will fine the DLL file under the repository directory in bin\Release\net35\SharpSploit.dll

Embedding SharpSploit in a Binary

One of the APIs that SharpSploit provides is WhoAmI API which is exactly what you expect. Let's build our console application.

Step #1 | Create a new Project

From File >> New >> Select Console App (.Net Framework)

Our code will be as the follows

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using SharpSploit;

namespace SharpSploitWhoAmI
    class Program
        static void Main(string[] args)
            SharpSploit.Credentials.Tokens tokens = new SharpSploit.Credentials.Tokens();
            string whoami = tokens.WhoAmI();

> NuGet Package Manager >> Package Manager Console"]]]]}'>

Step #2 | Embedding SharpSploit in our project

Now let's install the library from the NuGet package manager

Tools >> NuGet Package Manager >> Package Manager Console

You will see a console similar to the following

Execute the following line.

PM> Install-Package costura.fody -Version 3.3.3


For compatibility, you need this version of msbuild.exe v15 in Visual Studio 2017. If you are using VS2019 then use the last version of costura and fody.

And Now, add the library reference to the project

Browse to the compiled DLL path


Select it and add

Step #3 | Compile the application

Now you will do exactly as you've done with the DLL compilation.

Change the build type to Release and go to Build >> Build WhoAmI. You will find the executable file under your project page under bin\Release directory.


This library is an intuitive APIs for red teamers on Windows. However, it's a big one, meaning, the size of the DLL after compilation is +1Mb which will get even bigger when you embed it in your binary. Therefore, you can inject it into memory and execute using something like execute-assembly in CobaltStrike.

Last updated