Coding for Hackers

Languages › C#

C#

Roadmap

The language of the Windows enterprise — and a red-teamer favourite.

Learning Path Available — Lessons Currently Being Developed

Overview

C# and .NET run a vast share of enterprise Windows software, and the offensive ecosystem has embraced it: many modern red-team tools, loaders, and post-exploitation frameworks are written in C#. Learning it means reading enterprise source, building Windows tooling, and understanding the .NET attack surface.

Why learn C#

  • Enterprise Windows apps and internal tools are overwhelmingly .NET.
  • Modern offensive tooling (Rubeus, SharpHound, Seatbelt) is C#.
  • Reflection and deserialization make for rich vulnerability classes.

Security applications

  • Windows and Active Directory tooling
  • Source review of enterprise .NET applications
  • Insecure deserialization exploitation
  • In-memory and reflective loading techniques
  • API and web security for ASP.NET

Planned curriculum

  1. C# syntax and the .NET runtime
  2. Reading enterprise application source
  3. Reflection and dynamic loading
  4. Insecure deserialization in .NET
  5. Building offensive tooling in C#
  6. ASP.NET web security
  7. Interop and P/Invoke
  8. Evasion and in-memory execution concepts
This path is on the roadmap. The four live courses (Python, JavaScript, Bash, Regex) will teach you most of what carries over.

Related languages

Java Roadmap PowerShell Roadmap C++ Roadmap