A simple BOF implementation of klist using Windows API
☆32Jul 7, 2022Updated 3 years ago
Alternatives and similar repositories for BOF-klist
Users that are interested in BOF-klist are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆313Jul 8, 2022Updated 3 years ago
- C# program to take a full size screenshot or a recording of the user's desktop. Takes in 0-3 flags☆84Oct 2, 2020Updated 5 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆95Mar 8, 2023Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- Syscall BOF to arbitrarily add/detract process token privilege rights.☆61Jul 10, 2024Updated last year
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Load any Beacon Object File using Powershell!☆261Dec 9, 2021Updated 4 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Sep 29, 2021Updated 4 years ago
- ☆39Oct 12, 2022Updated 3 years ago
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 4 years ago
- Remove API hooks from a Beacon process.☆282Sep 18, 2021Updated 4 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Beacon Object Files for roasting Active Directory☆236Feb 21, 2022Updated 4 years ago
- Collection of BOFs for Cobalt Strike☆32Mar 28, 2023Updated 2 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Collection of extracted Microsoft Defender data for security research purposes☆234Jun 23, 2022Updated 3 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- Swift code to run a dylib on disk☆16May 9, 2022Updated 3 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- ☆164Apr 25, 2022Updated 3 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- An implementation and proof-of-concept of Process Forking.☆230Nov 29, 2021Updated 4 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆125May 24, 2022Updated 3 years ago
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- ☆26Apr 24, 2025Updated 11 months ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆23Jul 31, 2025Updated 7 months ago
- ☆314May 16, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆83May 23, 2022Updated 3 years ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆178Nov 26, 2021Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago