ElJaviLuki / CobaltStrike_OpenBeacon
Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.
☆181Updated 10 months ago
Alternatives and similar repositories for CobaltStrike_OpenBeacon:
Users that are interested in CobaltStrike_OpenBeacon are comparing it to the libraries listed below
- ☆218Updated 8 months ago
- Weaponized HellsGate/SigFlip☆198Updated last year
- Port of Cobalt Strike's Process Inject Kit☆160Updated last month
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆123Updated last month
- A Tool that aims to evade av with binary padding☆144Updated 6 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆145Updated 3 months ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆233Updated 7 months ago
- An App Domain Manager Injection DLL PoC on steroids☆164Updated last year
- Execute shellcode files with rundll32☆191Updated 11 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆175Updated 3 months ago
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆187Updated 4 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆320Updated last month
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆157Updated last month
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆154Updated 4 months ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆207Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆150Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆220Updated last year
- To audit the security of read-only domain controllers☆114Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 5 months ago
- ApexLdr is a DLL Payload Loader written in C☆105Updated 6 months ago
- A C# port from Invoke-GhostTask☆112Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆274Updated last month
- TeamServer and Client of Exploration Command and Control Framework☆82Updated this week
- Lateral Movement☆122Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆270Updated 9 months ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆252Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆197Updated last year
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆121Updated 2 years ago