User-Defined C2 BOF Template
☆28Nov 24, 2025Updated 3 months ago
Alternatives and similar repositories for udc2-vs
Users that are interested in udc2-vs are comparing it to the libraries listed below
Sorting:
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 7 months ago
- UDC2 implementation that provides an ICMP C2 channel☆115Nov 24, 2025Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 7 months ago
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated 7 months ago
- ☆139Jan 16, 2025Updated last year
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux☆66Dec 15, 2025Updated 2 months ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆16Jul 15, 2025Updated 7 months ago
- Test AMSI Provider implementation in C#☆42Dec 18, 2024Updated last year
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.☆22Jan 6, 2025Updated last year
- ☆50Jun 4, 2025Updated 9 months ago
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- various methods of making API calls☆19Feb 1, 2025Updated last year
- redc use template | redc 使用模版库☆41Updated this week
- Repository for dirty scripts and PoCs☆20Feb 18, 2025Updated last year
- Terms of Use Conditional Access M365 Evilginx Phishlet☆44Jun 23, 2025Updated 8 months ago
- Zero-dependency MCP server implementation.☆61Feb 23, 2026Updated last week
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- A C# tool for extracting information from SCCM PXE boot media.☆51Jan 14, 2026Updated last month
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 7 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆102Jul 9, 2025Updated 7 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- CVE-2024-40711-exp☆42Oct 17, 2024Updated last year
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆49Nov 2, 2025Updated 4 months ago
- rust port of pspy with support for process monitoring over dbus☆36Jan 4, 2026Updated 2 months ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 6 months ago
- SAM Dumping in C#☆54Nov 27, 2025Updated 3 months ago
- ☆55May 31, 2025Updated 9 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆186Nov 23, 2025Updated 3 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated 11 months ago
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆108Aug 18, 2025Updated 6 months ago
- A simple Sleepmask BOF example☆168Nov 24, 2025Updated 3 months ago