CodeXTF2 / ScreenshotBOFLinks
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
☆453Updated 6 months ago
Alternatives and similar repositories for ScreenshotBOF
Users that are interested in ScreenshotBOF are comparing it to the libraries listed below
Sorting:
- Credential Guard Bypass Via Patching Wdigest Memory☆330Updated 2 years ago
- UDRL for CS☆440Updated last year
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆392Updated 2 years ago
- Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles☆406Updated 2 years ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆465Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆486Updated 5 months ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆460Updated last year
- ☆338Updated 8 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆418Updated last year
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆364Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver☆347Updated 2 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆315Updated 3 years ago
- Fileless atexec, no more need for port 445☆396Updated last year
- A Windows potato to privesc☆386Updated last year
- COM Hijacking VOODOO☆317Updated 7 months ago
- Local privilege escalation via PetitPotam (Abusing impersonate privileges).☆445Updated 2 years ago
- Go shellcode loader that combines multiple evasion techniques☆382Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆454Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆310Updated 3 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆477Updated 2 years ago
- elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative☆374Updated last year
- Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)☆465Updated 3 years ago
- UAC Bypass By Abusing Kerberos Tickets☆500Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆650Updated 2 months ago
- A Beacon Object File (BOF) is a compiled C program, written to a convention that allows it to execute within a Beacon process and use int…☆218Updated 7 months ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆237Updated 2 years ago
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆497Updated 2 years ago
- Windows Token Stealing Expert☆480Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆320Updated last year
- A BOF to automate common persistence tasks for red teamers☆290Updated 2 years ago