A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.
☆75Aug 24, 2025Updated 6 months ago
Alternatives and similar repositories for bof_oxide
Users that are interested in bof_oxide are comparing it to the libraries listed below
Sorting:
- A collection of sample code used in some experiments with Sliver C2☆16Mar 28, 2023Updated 2 years ago
- A simple website to act as a store for havoc modules and extensions☆29Jan 20, 2025Updated last year
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…☆43Jan 15, 2026Updated 2 months ago
- WebClientRelayUp - an universal no-fix local privilege escalation in domain-joined windows workstations in default configuration.☆76Feb 25, 2026Updated 3 weeks ago
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆39Feb 19, 2026Updated last month
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆87Apr 26, 2025Updated 10 months ago
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆24Jul 11, 2025Updated 8 months ago
- Process dumper wrote in rust.☆14Sep 16, 2024Updated last year
- Adversary Emulation Framework☆129Jul 1, 2025Updated 8 months ago
- A pointer encryption library intended for Red Team implant design in Rust.☆66Oct 1, 2025Updated 5 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆103Jul 9, 2025Updated 8 months ago
- A COFF Loader written in Rust☆140Dec 1, 2025Updated 3 months ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 8 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆16Jun 3, 2025Updated 9 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Generate an Alphabetical Polymorphic Shellcode☆137Aug 19, 2025Updated 7 months ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆214Oct 9, 2022Updated 3 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin☆122Jan 4, 2026Updated 2 months ago
- This repository contains a collection of scripts I use regularly for offensive security-related tasks.☆16Mar 9, 2026Updated 2 weeks ago
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.☆54Jun 2, 2025Updated 9 months ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- ☆52May 4, 2025Updated 10 months ago
- A Reflective Loader for macOS☆148Jul 20, 2025Updated 8 months ago
- Call Stack Spoofing for Rust☆212Jan 28, 2026Updated last month
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆105Feb 25, 2025Updated last year
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆30Oct 2, 2025Updated 5 months ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 7 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆116Dec 21, 2025Updated 3 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆309Mar 31, 2025Updated 11 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆91Jan 2, 2026Updated 2 months ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- Self-mutating macOS implant☆125Mar 16, 2026Updated last week