0x3rhy/BypassCredGuard-BOF external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

0x3rhy/BypassCredGuard-BOF

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/0x3rhy/BypassCredGuard-BOF)

Close

0x3rhy / BypassCredGuard-BOFView on GitHubMore

• External links
• Readme badge

BypassCredGuard CS BOF

☆51Jan 23, 2025Updated last year

Alternatives and similar repositories for BypassCredGuard-BOF

Users that are interested in BypassCredGuard-BOF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ricardojoserf / BOF_Files

  View on GitHub
  Repository to gather the BOF files I will be developing
  ☆11Oct 1, 2024Updated last year
• FalconForceTeam / bof-winrm-plugin-jump

  View on GitHub
  ☆36Jan 23, 2025Updated last year
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆146Nov 6, 2025Updated 5 months ago
• ricardojoserf / SharpNado

  View on GitHub
  Repository to gather the .NET malware I will be developing
  ☆17Mar 7, 2026Updated last month
• FalconForceTeam / bof-winrm-client

  View on GitHub
  ☆129Jan 23, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆150Apr 18, 2025Updated last year
• ricardojoserf / SharpSelfDelete

  View on GitHub
  PoC to self-delete a binary in C#
  ☆36Feb 6, 2024Updated 2 years ago
• EricEsquivel / OpsLoader

  View on GitHub
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆46Sep 25, 2024Updated last year
• EspressoCake / ReadRemoteProcessCommandline_BOF

  View on GitHub
  ☆29May 10, 2024Updated last year
• decoder-it / KrbRelay-SMBServer

  View on GitHub
  ☆235Oct 8, 2024Updated last year
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆445Dec 21, 2023Updated 2 years ago
• ricardojoserf / NativeTokenImpersonate

  View on GitHub
  Impersonate Tokens using only NTAPI functions
  ☆84Apr 4, 2025Updated last year
• Cobalt-Strike / obfuscator-llvm

  View on GitHub
  ☆57Jan 15, 2024Updated 2 years ago
• rad9800 / FileRenameJunctionsEDRDisable

  View on GitHub
  ☆158Dec 13, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• ScriptIdiot / sleepmask_PatchlessHook

  View on GitHub
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆86Mar 19, 2023Updated 3 years ago
• BambiZombie / bypass_uac_bof

  View on GitHub
  一个普通的BOF用来BypassUAC
  ☆22Apr 6, 2024Updated 2 years ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆176Mar 27, 2023Updated 3 years ago
• williamknows / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆91Oct 13, 2024Updated last year
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆231Dec 3, 2025Updated 4 months ago
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆217Oct 19, 2024Updated last year
• RalfHacker / Kerbeus-BOF

  View on GitHub
  BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
  ☆560Nov 23, 2025Updated 4 months ago
• delivr-to / MailCollector

  View on GitHub
  A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM
  ☆20Jul 19, 2025Updated 8 months ago
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆405Mar 28, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• outflanknl / nix_bof_template

  View on GitHub
  Beacon Object File (BOF) Template
  ☆85Mar 9, 2026Updated last month
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆40Aug 5, 2025Updated 8 months ago
• mlcsec / ASRenum-BOF

  View on GitHub
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆162Mar 1, 2024Updated 2 years ago
• EspressoCake / BOF_NativeAPI_Definitions-VSCode

  View on GitHub
  A VSCode plugin to assist with BOF development.
  ☆37Aug 14, 2024Updated last year
• securifybv / BOFRyptor

  View on GitHub
  ☆124Oct 9, 2023Updated 2 years ago
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 2 years ago
• Ridter / netsync

  View on GitHub
  Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.
  ☆62Feb 25, 2025Updated last year
• nick-frischkorn / SuspendEventLogBOF

  View on GitHub
  Beacon Object File to locate and suspend the threads hosting the Event Log service
  ☆29Jun 17, 2022Updated 3 years ago
• decoder-it / NewMachineAccount

  View on GitHub
  ☆39Feb 26, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆269Apr 8, 2025Updated last year
• ScriptIdiot / sleepmask_ekko_cfg

  View on GitHub
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆49Mar 15, 2023Updated 3 years ago
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• silentEAG / RedTeamOps

  View on GitHub
  Use Rust to implement some Red Team techniques :)
  ☆13Nov 11, 2024Updated last year
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆191Jan 17, 2026Updated 3 months ago
• dobin / ShellcodeObfuscationLab

  View on GitHub
  Test bench lab for Shellcode Obfuscation
  ☆36Sep 2, 2025Updated 7 months ago
• andrecrafts / CobaltStrike-YARA-Bypass-f0b627fc

  View on GitHub
  Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.
  ☆53Oct 2, 2025Updated 6 months ago