BOF template with boflink and mutator kit support
☆49Jan 8, 2026Updated last month
Alternatives and similar repositories for bof_template
Users that are interested in bof_template are comparing it to the libraries listed below
Sorting:
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆70Dec 26, 2025Updated 2 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- Ludus FastMCP enables AI-powered management of Ludus cyber ranges through natural language commands. The server exposes **157 tools** acr…☆72Dec 31, 2025Updated 2 months ago
- random code snippets, useful for getting started☆122Nov 29, 2025Updated 3 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆68Feb 3, 2026Updated 3 weeks ago
- Caddy v2 module to filter requests based on C2 profiles☆46Apr 24, 2025Updated 10 months ago
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated 3 weeks ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- POC tool to abuse windows server failover clusters☆55Aug 7, 2025Updated 6 months ago
- ☆57Jan 15, 2024Updated 2 years ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆186Nov 23, 2025Updated 3 months ago
- SysCalling is an educational project demonstrating state-of-the-art syscall execution techniques for bypassing user-space EDR controls in…☆14Dec 8, 2024Updated last year
- ☆47Dec 5, 2025Updated 2 months ago
- Resolve syscall numbers at runtime for all Windows versions.☆59Nov 21, 2024Updated last year
- ☆36Aug 21, 2024Updated last year
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆133Nov 12, 2025Updated 3 months ago
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.☆37Jan 23, 2020Updated 6 years ago
- Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.☆12May 28, 2025Updated 9 months ago
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…☆43Jan 15, 2026Updated last month
- ☆16Oct 15, 2024Updated last year
- Linker for Beacon Object Files☆155Updated this week
- A Rust template for writing Beacon Object Files (BOFs)☆100Feb 11, 2026Updated 2 weeks ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆115Jan 29, 2026Updated last month
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific…☆107Feb 21, 2026Updated last week
- Rust implementation of the Process Herpaderping☆26Jul 6, 2023Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- ☆65Mar 15, 2024Updated last year
- A collection of random small Aggressor snippets that don't warrant their own repo☆25Mar 23, 2023Updated 2 years ago
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆104Jan 26, 2026Updated last month
- Modified version of PEAS client for offensive operations☆16Mar 8, 2021Updated 4 years ago
- example using NtCreateUserProcess in rust☆19Jan 20, 2025Updated last year
- Indirect Syscall with TartarusGate Approach in Go☆134Jul 8, 2025Updated 7 months ago
- ☆28Feb 11, 2026Updated 2 weeks ago
- A Windows tool that converts LDIF files to BloodHound CE☆26Dec 20, 2025Updated 2 months ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 3 years ago
- AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.☆44Feb 12, 2026Updated 2 weeks ago