A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
☆45Sep 25, 2024Updated last year
Alternatives and similar repositories for OpsLoader
Users that are interested in OpsLoader are comparing it to the libraries listed below
Sorting:
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 10 months ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆105Jan 24, 2024Updated 2 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆215Oct 9, 2022Updated 3 years ago
- Bypass LSA protection using the BYODLL technique☆171Sep 21, 2024Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- ☆126Sep 1, 2024Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆123Jan 17, 2026Updated last month
- ☆100Sep 1, 2024Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- BypassCredGuard CS BOF☆49Jan 23, 2025Updated last year
- ☆75Feb 4, 2024Updated 2 years ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆65Updated this week
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆136Apr 18, 2025Updated 10 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Oct 4, 2024Updated last year
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆672Aug 15, 2025Updated 6 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆199Jun 17, 2025Updated 8 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated 11 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Port of Cobalt Strike's Process Inject Kit☆190Dec 1, 2024Updated last year
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- ☆33Jan 23, 2025Updated last year
- UAC Bypass using UIAccess program QuickAssist☆211Nov 30, 2025Updated 3 months ago
- ☆123Oct 9, 2023Updated 2 years ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 10 months ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 2 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- AV bypass while you sip your Chai!☆224May 17, 2024Updated last year
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago
- Random BOFs for LDAP tradecraft☆73Sep 9, 2025Updated 5 months ago
- A Beacon Object File (BOF) is a compiled C program, written to a convention that allows it to execute within a Beacon process and use int…☆247Nov 24, 2025Updated 3 months ago