βοΈπ€« Stealth redirector for your red team operation security
β1,067Mar 1, 2026Updated this week
Alternatives and similar repositories for BounceBack
Users that are interested in BounceBack are comparing it to the libraries listed below
Sorting:
- Collection of Beacon Object Files (BOF) for Cobalt Strikeβ675Aug 15, 2025Updated 6 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird β¦β779Jan 26, 2026Updated last month
- A beacon object file implementation of PoolParty Process Injection Technique.β434Dec 21, 2023Updated 2 years ago
- HVNC for Cobalt Strikeβ1,301Dec 7, 2023Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniβ¦β1,370Oct 27, 2023Updated 2 years ago
- Real fucking shellcode encryptor & obfuscator toolβ1,011Jan 7, 2026Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β614Jan 2, 2025Updated last year
- Cobalt Strike UDRL for memory scanner evasion.β1,006Jun 4, 2024Updated last year
- A BOF that runs unmanaged PEs inlineβ681Oct 23, 2024Updated last year
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.β1,199Apr 16, 2025Updated 10 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Frameworkβ637May 8, 2025Updated 9 months ago
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.β1,561Aug 20, 2024Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.β569Jan 20, 2026Updated last month
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the β¦β1,823Nov 3, 2024Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.β¦β892Feb 18, 2026Updated 2 weeks ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.β307Dec 9, 2023Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.β1,198Oct 16, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.β411Jan 11, 2026Updated last month
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Direβ¦β862Feb 3, 2024Updated 2 years ago
- Analyse your malware to surgically obfuscate itβ520Dec 17, 2025Updated 2 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph APIβ622Jun 25, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phanβ¦β283Sep 18, 2024Updated last year
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the β¦β568Jun 5, 2023Updated 2 years ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfveβ¦β592Jun 12, 2024Updated last year
- Remote operations commands implemented using Beacon Object Filesβ1,120Feb 23, 2026Updated last week
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8β351Aug 29, 2024Updated last year
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).β586Mar 19, 2024Updated last year
- β716Mar 22, 2024Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFsβ609Feb 21, 2024Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercerβ738May 19, 2023Updated 2 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.β281Feb 24, 2025Updated last year
- Terminate AV/EDR Processes using kernel driverβ352Jun 12, 2023Updated 2 years ago
- New generation of wmiexec.pyβ1,254Jan 5, 2026Updated 2 months ago
- β568Mar 28, 2024Updated last year
- Threadless Process Injection using remote function hooking.β810Sep 4, 2024Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!β1,401Nov 22, 2023Updated 2 years ago
- EDR Lab for Experimentation Purposesβ1,413Feb 25, 2026Updated last week
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).β546Nov 23, 2025Updated 3 months ago
- Execute unmanaged Windows executables in CobaltStrike Beaconsβ714Mar 4, 2023Updated 3 years ago