Cobalt-Strike / obfuscator-llvm

Related projects: ⓘ

• MrAle98 / BOF-RunPE
  ☆50Updated last year
• ShellBind / G0T-B0R3D
  ☆17Updated this week
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆51Updated last year
• EspressoCake / BOF_NativeAPI_Definitions-VSCode
  A VSCode plugin to assist with BOF development.
  ☆29Updated last month
• jsecu / ElevatedEvents
  ☆29Updated last year
• CUHKJason / BOF-klist
  A simple BOF implementation of klist using Windows API
  ☆30Updated 2 years ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆27Updated 2 years ago
• Allevon412 / BreadManModuleStomping
  ☆38Updated 11 months ago
• Octoberfest7 / JumpSession_BOF
  Beacon Object File allowing creation of Beacons in different sessions.
  ☆73Updated 2 years ago
• sliverarmory / injectEtwBypass
  CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
  ☆30Updated 2 years ago
• timwhitez / AddressOfEntryPoint-injection
  x64 version
  ☆30Updated 2 years ago
• Kara-4search / HookDetection_CSharp
  HookDetection
  ☆44Updated 3 years ago
• SecIdiot / minbeacon
  ☆68Updated this week
• ASkyeye / CobaltPatch
  Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…
  ☆37Updated 4 years ago
• MrAle98 / Sliver-CPPImplant2
  Sliver agent rewritten in C++
  ☆31Updated 2 weeks ago
• D1rkMtr / AmsiScanBuffer
  ☆38Updated this week
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆29Updated 2 years ago
• slemire / bof-adopt
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆14Updated 2 years ago
• dxxzero / rusty_drivers
  BYOVD collection
  ☆19Updated 5 months ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Updated 3 years ago
• ScriptIdiot / sleepmask_ekko_cfg
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆40Updated last year
• JetP1ane / Artemis
  Artemis - C++ Hell's Gate Syscall Implementation
  ☆31Updated last year
• waldo-irc / JYang
  ☆14Updated 2 years ago
• xpn / ObjectOverloadingPOC
  ☆58Updated 2 years ago
• D1rkMtr / SSN_Resolver
  ☆29Updated this week
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆37Updated last year
• ZephrFish / DynamicMSBuilder
  A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
  ☆30Updated 5 months ago
• aahmad097 / MMFCodeInjection
  ☆58Updated this week
• purplededa / CVE-2022-44721-CsFalconUninstaller
  ☆25Updated this week
• Quack2332 / Simple-.NET-Obfuscator-PoC
  ☆20Updated 3 months ago