Hagrid29 / BOF-DCOMPotato-PrintNotifyView external linksLinks
Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object to DCOM call of PrintNotify.
☆96Mar 20, 2023Updated 2 years ago
Alternatives and similar repositories for BOF-DCOMPotato-PrintNotify
Users that are interested in BOF-DCOMPotato-PrintNotify are comparing it to the libraries listed below
Sorting:
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆215Oct 9, 2022Updated 3 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆271Apr 17, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 2 years ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- ☆100Sep 1, 2024Updated last year
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Jul 23, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆105Jan 24, 2024Updated 2 years ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆134Nov 30, 2022Updated 3 years ago
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆156Mar 26, 2025Updated 10 months ago
- Bypassing UAC with SSPI Datagram Contexts☆460Sep 24, 2023Updated 2 years ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆165Sep 22, 2025Updated 4 months ago
- ☆19Jan 25, 2024Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆183Mar 13, 2023Updated 2 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…☆490Dec 7, 2025Updated 2 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆85Oct 20, 2025Updated 3 months ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆27Jun 13, 2024Updated last year
- ☆126Jun 28, 2023Updated 2 years ago
- ☆241May 5, 2024Updated last year
- Beacon Object File allowing creation of Beacons in different sessions.☆82May 23, 2022Updated 3 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- BOF to decrypt Signal Desktop chat logs☆72Feb 20, 2025Updated 11 months ago
- Basic Psexec clone, but in golang.☆16Jul 2, 2022Updated 3 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Apr 18, 2025Updated 9 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆122Jan 17, 2026Updated 3 weeks ago
- Linker for Beacon Object Files☆149Updated this week
- A Windows potato to privesc☆391Aug 26, 2024Updated last year
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- Beacon Object File (BOF) Template☆61Feb 6, 2026Updated last week