Cobalt Strike BOF that Add an admin user
☆79Oct 11, 2022Updated 3 years ago
Alternatives and similar repositories for AddUser-Bof
Users that are interested in AddUser-Bof are comparing it to the libraries listed below
Sorting:
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 2 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Jul 23, 2023Updated 2 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆136Nov 30, 2022Updated 3 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Sep 1, 2021Updated 4 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆556Jan 18, 2022Updated 4 years ago
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆83May 23, 2022Updated 3 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆344Apr 10, 2022Updated 3 years ago
- ☆162Mar 27, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆215Oct 9, 2022Updated 3 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 2 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- Memshell☆292Dec 7, 2021Updated 4 years ago
- NetBIOS scanning tool written in c#☆71Aug 6, 2021Updated 4 years ago
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Beacon Object Files.☆36Feb 26, 2024Updated 2 years ago
- A BOF to automate common persistence tasks for red teamers☆292Mar 7, 2023Updated 2 years ago
- ☆46Dec 5, 2023Updated 2 years ago
- Windows 平台下的UAC(User Account Contro) 绕过工具。☆66Jun 24, 2024Updated last year
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- ☆126Jun 28, 2023Updated 2 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆323Nov 17, 2021Updated 4 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 2 years ago
- ☆22Jun 21, 2022Updated 3 years ago
- 使用windows api添加用户,可用于net无法使用时.分为nim版,c++版本,RDI版,BOF版。☆421Sep 29, 2021Updated 4 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago