CodeXTF2 / ScreenshotBOF

Related projects: ⓘ

• Cracked5pider / KaynStrike
  UDRL for CS
  ☆410Updated 9 months ago
• mgeeky / ElusiveMice
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆414Updated last year
• m3rcer / Chisel-Strike
  A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
  ☆436Updated 5 months ago
• Octoberfest7 / MemFiles
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆418Updated 2 months ago
• CodeXTF2 / Burp2Malleable
  Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
  ☆359Updated last year
• crisprss / RasmanPotato
  Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
  ☆365Updated last year
• nickvourd / COM-Hunter
  COM Hijacking VOODOO
  ☆253Updated 6 months ago
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆263Updated last year
• zcgonvh / DCOMPotato
  Some Service DCOM Object and SeImpersonatePrivilege abuse.
  ☆347Updated last year
• f1zm0 / hades
  Go shellcode loader that combines multiple evasion techniques
  ☆337Updated last year
• BishopFox / sliver-gui
  A Sliver GUI Client
  ☆288Updated last year
• WKL-Sec / Malleable-CS-Profiles
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆355Updated 6 months ago
• improsec / SharpEventPersist
  Persistence by writing/reading shellcode from Event Log
  ☆363Updated 2 years ago
• wh0amitz / BypassCredGuard
  Credential Guard Bypass Via Patching Wdigest Memory
  ☆304Updated last year
• antonioCoco / SspiUacBypass
  Bypassing UAC with SSPI Datagram Contexts
  ☆335Updated 11 months ago
• D1rkMtr / ExecRemoteAssembly
  ☆245Updated this week
• pwn1sher / WMEye
  WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
  ☆360Updated 2 years ago
• anthemtotheego / InlineExecute-Assembly
  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
  ☆588Updated last year
• Hagrid29 / DuplicateDump
  Dumping LSASS with a duplicated handle from custom LSA plugin
  ☆194Updated 2 years ago
• SaadAhla / UnhookingPatch
  Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
  ☆296Updated last year
• YOLOP0wn / POSTDump
  ☆310Updated 10 months ago
• antonioCoco / MalSeclogon
  A little tool to play with the Seclogon service
  ☆301Updated 2 years ago
• boku7 / spawn
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆427Updated last year
• boku7 / Ninja_UUID_Runner
  Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
  ☆430Updated last year
• adamsvoboda / nim-loader
  WIP shellcode loader in nim with EDR evasion techniques
  ☆208Updated 2 years ago
• SaadAhla / D1rkLdr
  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
  ☆299Updated last year
• cube0x0 / MiniDump
  C# Lsass parser
  ☆277Updated 2 years ago
• N7WEra / BofAllTheThings
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆408Updated last year
• securifybv / Visual-Studio-BOF-template
  A Visual Studio template used to create Cobalt Strike BOFs
  ☆278Updated 2 years ago
• kyxiaxiang / Beacon_Source
  not a reverse-engineered version of the Cobalt Strike Beacon
  ☆326Updated 5 months ago