open source port/reimplementation of the Cobalt Strike BOF Loader as is
☆72Mar 8, 2026Updated 3 months ago
Alternatives and similar repositories for Cobaltstrike_BOFLoader
Users that are interested in Cobaltstrike_BOFLoader are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆98Apr 9, 2026Updated 2 months ago
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated 2 years ago
- List web account manager (WAM) accounts added to the current profile☆26Dec 11, 2025Updated 6 months ago
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation☆133Mar 27, 2026Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆42Aug 5, 2025Updated 10 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A Windows tool that converts LDIF files to BloodHound CE☆32Dec 20, 2025Updated 6 months ago
- Bypassing Amsi using LdrLoadDll☆48Jan 8, 2025Updated last year
- Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.☆23Nov 11, 2025Updated 7 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆162Mar 26, 2025Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- arm64 linux position-independent shellcode framework☆31Dec 12, 2025Updated 6 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆16Jun 18, 2022Updated 4 years ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts shellcode into payloads specifically used for ph…☆143Jun 2, 2026Updated 3 weeks ago
- ☆86Feb 12, 2026Updated 4 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆72Mar 6, 2026Updated 3 months ago
- Shellcode capable of bypassing EAF / IAF mitigations☆30Apr 11, 2023Updated 3 years ago
- A practical client for ADWS in Golang.☆54Mar 3, 2026Updated 3 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 5 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆105Jan 10, 2026Updated 5 months ago
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆74Oct 22, 2025Updated 8 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆136Jan 17, 2026Updated 5 months ago
- BOF template with boflink and mutator kit support☆52Jan 8, 2026Updated 5 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆46Sep 25, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and …☆142Jun 10, 2026Updated 2 weeks ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆95Sep 10, 2025Updated 9 months ago
- A BOF that's a BOF Loader and more☆208Apr 6, 2026Updated 2 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆109Nov 7, 2025Updated 7 months ago
- ☆100Sep 1, 2024Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated last year
- ☆11Feb 12, 2023Updated 3 years ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆199Nov 23, 2025Updated 7 months ago
- Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.☆38Apr 16, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Windows Kernel Rootkit☆69Nov 24, 2025Updated 7 months ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆55Jan 28, 2026Updated 5 months ago
- An example reference design for a proposed BOF PE☆231Jan 23, 2026Updated 5 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 9 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆140Aug 25, 2025Updated 10 months ago
- abusing windows toast notifications for fun and user manipulation☆103Jun 2, 2026Updated 3 weeks ago
- ☆84Apr 8, 2026Updated 2 months ago