Cobalt Strike BOF that Add an admin user
☆79Oct 11, 2022Updated 3 years ago
Alternatives and similar repositories for AddUser-Bof
Users that are interested in AddUser-Bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Jul 23, 2023Updated 2 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆135Nov 30, 2022Updated 3 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Sep 1, 2021Updated 4 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 3 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆152Sep 3, 2020Updated 5 years ago
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆554Jan 18, 2022Updated 4 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆343Apr 10, 2022Updated 3 years ago
- ☆176Mar 27, 2023Updated 2 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆214Oct 9, 2022Updated 3 years ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- Memshell☆294Dec 7, 2021Updated 4 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆83May 23, 2022Updated 3 years ago
- NetBIOS scanning tool written in c#☆70Aug 6, 2021Updated 4 years ago
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- ☆125Jun 28, 2023Updated 2 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- ☆26Apr 24, 2025Updated 10 months ago
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 3 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆90Nov 5, 2021Updated 4 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago
- 使用windows api添加用户,可用于net无法使用时.分为nim版,c++版本,RDI版,BOF版。☆421Sep 29, 2021Updated 4 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- A BOF to automate common persistence tasks for red teamers☆297Mar 7, 2023Updated 3 years ago
- 提取DC日志,快速获取域用户对应IP地址☆309Mar 21, 2022Updated 4 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- 自己开的cs插件☆248Feb 10, 2023Updated 3 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆49Dec 31, 2021Updated 4 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 3 years ago