open source port/reimplementation of the Cobalt Strike BOF Loader as is
☆68Feb 3, 2026Updated 3 weeks ago
Alternatives and similar repositories for Cobaltstrike_BOFLoader
Users that are interested in Cobaltstrike_BOFLoader are comparing it to the libraries listed below
Sorting:
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- List web account manager (WAM) accounts added to the current profile☆22Dec 11, 2025Updated 2 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- A Windows tool that converts LDIF files to BloodHound CE☆26Dec 20, 2025Updated 2 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆65Dec 16, 2023Updated 2 years ago
- BOF template with boflink and mutator kit support☆49Jan 8, 2026Updated last month
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆123Jan 17, 2026Updated last month
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 2 years ago
- ☆100Sep 1, 2024Updated last year
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆193Dec 17, 2025Updated 2 months ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆157Mar 26, 2025Updated 11 months ago
- Windows Kernel Rootkit☆59Nov 24, 2025Updated 3 months ago
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated 3 weeks ago
- ☆11Feb 12, 2023Updated 3 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 2 months ago
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆152Feb 11, 2026Updated 2 weeks ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆186Nov 23, 2025Updated 3 months ago
- An example reference design for a proposed BOF PE☆197Jan 23, 2026Updated last month
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆72Oct 22, 2025Updated 4 months ago
- [EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction☆17Nov 9, 2024Updated last year
- A BOF that's a BOF Loader and more☆198Jan 17, 2026Updated last month
- AV bypass while you sip your Chai!☆224May 17, 2024Updated last year
- ☆108Aug 21, 2024Updated last year
- Lateral movement with DCOM DLL hijacking☆177Jul 4, 2025Updated 7 months ago
- Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.☆12May 28, 2025Updated 8 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆79Dec 23, 2023Updated 2 years ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific…☆100Feb 14, 2026Updated last week
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 8 months ago
- Fast Windows post-exploitation wins after initial access.☆29Jan 28, 2026Updated 3 weeks ago
- Dynamic Indirect Syscalls via JOP/ROP in Pure no_std, no_alloc, no dependency Rust☆43Aug 6, 2025Updated 6 months ago
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year
- Random BOFs for LDAP tradecraft☆73Sep 9, 2025Updated 5 months ago