Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray
☆47Mar 4, 2023Updated 3 years ago
Alternatives and similar repositories for BOF-SprayAD
Users that are interested in BOF-SprayAD are comparing it to the libraries listed below
Sorting:
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- query specific user and login IP from remote machine☆18Nov 19, 2022Updated 3 years ago
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- ☆22Jun 21, 2022Updated 3 years ago
- Cobalt Strike BOF that Add an admin user☆79Oct 11, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆183Mar 13, 2023Updated 2 years ago
- golang rpc框架,支持数据加密传输☆13Feb 19, 2026Updated 2 weeks ago
- ☆125Jun 28, 2023Updated 2 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API��☆87Mar 22, 2023Updated 2 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆136Nov 30, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆85May 7, 2023Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆83May 23, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆214Oct 9, 2022Updated 3 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆394Jan 9, 2024Updated 2 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆38Mar 17, 2025Updated 11 months ago
- Thanks to @d35ha☆13Aug 16, 2021Updated 4 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- Dirfuzz by golang☆15Feb 28, 2023Updated 3 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆277Apr 17, 2023Updated 2 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago
- ☆109Feb 17, 2025Updated last year
- ☆162Mar 27, 2023Updated 2 years ago