A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
☆66Mar 6, 2026Updated 2 weeks ago
Alternatives and similar repositories for COFF-Loader
Users that are interested in COFF-Loader are comparing it to the libraries listed below
Sorting:
- ☆100Sep 1, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- ☆61Jan 9, 2023Updated 3 years ago
- Load a dynamic library from memory by modifying the native Windows loader☆286Jun 18, 2025Updated 9 months ago
- ☆33Jan 23, 2025Updated last year
- ☆125Jun 28, 2023Updated 2 years ago
- Basic interactive Windows kernel offensive toolkit written in C☆137Sep 20, 2025Updated 6 months ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- A BOF to automate common persistence tasks for red teamers☆297Mar 7, 2023Updated 3 years ago
- ☆31Jul 26, 2024Updated last year
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆69Mar 8, 2026Updated last week
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated last month
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆86Apr 15, 2025Updated 11 months ago
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 3 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆271Oct 31, 2024Updated last year
- ☆42Feb 18, 2025Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆324Jun 18, 2023Updated 2 years ago
- For when DLLMain is the only way☆424Oct 29, 2024Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆225Jul 25, 2023Updated 2 years ago
- A small x64 library to load dll's into memory.☆458Nov 6, 2023Updated 2 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 3 years ago
- Use hardware breakpoint to dynamically change SSN in run-time☆280Apr 10, 2024Updated last year
- ☆620Jul 21, 2025Updated 8 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- ☆108Aug 21, 2024Updated last year
- ☆128Jun 28, 2023Updated 2 years ago
- Linker for Beacon Object Files☆160Feb 22, 2026Updated 3 weeks ago