MayerDaniel/the-one-wsl-bof external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

MayerDaniel/the-one-wsl-bof

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/MayerDaniel/the-one-wsl-bof)

Close

MayerDaniel / the-one-wsl-bofView on GitHubMore

• External links
• Readme badge

One WSL BOF to rule them all

☆176Jan 14, 2026Updated 4 months ago

Alternatives and similar repositories for the-one-wsl-bof

Users that are interested in the-one-wsl-bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mandiant / cleanldap

  View on GitHub
  ☆189Oct 21, 2025Updated 7 months ago
• pard0p / Self-Cleaning-PICO-Loader

  View on GitHub
  Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …
  ☆53Nov 2, 2025Updated 6 months ago
• rasta-mouse / atomic-bofs

  View on GitHub
  Atomic test units for BOF execution
  ☆57Apr 26, 2026Updated last month
• crtvrffnrt / apimspray

  View on GitHub
  Azure apim mini proxy
  ☆59May 18, 2026Updated last week
• jakobfriedl / tgt-monitor-bof

  View on GitHub
  Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.
  ☆121Apr 22, 2026Updated last month
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• tothi / malicious-service

  View on GitHub
  Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions
  ☆14Nov 13, 2022Updated 3 years ago
• Tw1sm / list-wam-accounts

  View on GitHub
  List web account manager (WAM) accounts added to the current profile
  ☆26Dec 11, 2025Updated 5 months ago
• Flangvik / RegPwnBOF

  View on GitHub
  Bof of RegPwn by MDSec
  ☆123Mar 15, 2026Updated 2 months ago
• HulkOperator / Spoof-RetAddr

  View on GitHub
  ☆37Nov 8, 2024Updated last year
• monsieurPale / BreakFAST

  View on GitHub
  Proof of concept for Kerberos Armoring abuse.
  ☆84Dec 12, 2025Updated 5 months ago
• Muz1K1zuM / UnderlayCopy_bof

  View on GitHub
  BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell
  ☆129Apr 6, 2026Updated last month
• 0xTriboulet / InlineExecuteEx

  View on GitHub
  A BOF that's a BOF Loader and more
  ☆205Apr 6, 2026Updated last month
• MazX0p / mssqlbof

  View on GitHub
  A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself
  ☆96Apr 9, 2026Updated last month
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆42Aug 5, 2025Updated 9 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• maxDcb / DreamWalkers

  View on GitHub
  Lab research on Windows loader internals, PE loading, stack artifacts, and execution tradeoffs.
  ☆235May 4, 2026Updated 3 weeks ago
• draktuls / IAF-EAF-Shellcode-bypass-PoC

  View on GitHub
  Shellcode capable of bypassing EAF / IAF mitigations
  ☆29Apr 11, 2023Updated 3 years ago
• lsecqt / SessionView

  View on GitHub
  A portable C# utility for enumerating local and remote windows sessions
  ☆57Jan 1, 2026Updated 4 months ago
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆148Nov 15, 2023Updated 2 years ago
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆86Jan 26, 2026Updated 4 months ago
• SafeBreach-Labs / EventLogin-CVE-2025-29969

  View on GitHub
  Exploitation of CVE-2025-29969
  ☆67Feb 20, 2026Updated 3 months ago
• NtDallas / BOF_Spawn

  View on GitHub
  Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
  ☆154Nov 23, 2025Updated 6 months ago
• gatariee / minrm

  View on GitHub
  a minimalistic winrm client written in python
  ☆47Apr 17, 2026Updated last month
• dazzyddos / lsawhisper-bof

  View on GitHub
  A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…
  ☆296Feb 21, 2026Updated 3 months ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆62Jun 9, 2025Updated 11 months ago
• frkngksl / ExportHider

  View on GitHub
  ExportHider: Generating Export Table during Runtime to Hide the Exported Functions from the DLL File.
  ☆33Apr 12, 2026Updated last month
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆19Mar 19, 2025Updated last year
• tijme / relocatable

  View on GitHub
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆117Jan 20, 2025Updated last year
• wolfcod / beacondbg

  View on GitHub
  Beacon Debugger
  ☆56Oct 28, 2024Updated last year
• kozmer / aad-bofs

  View on GitHub
  ☆139Nov 17, 2025Updated 6 months ago
• Maldev-Academy / TrapFlagForSyscalling

  View on GitHub
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆139Aug 25, 2025Updated 9 months ago
• N7WEra / BofAllTheThings

  View on GitHub
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆639Mar 2, 2026Updated 2 months ago
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆154Mar 25, 2025Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆127Sep 1, 2024Updated last year
• ryanq47 / CS-EXTC2-ICMP

  View on GitHub
  An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.
  ☆120Oct 6, 2025Updated 7 months ago
• mlcsec / EDRenum-BOF

  View on GitHub
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆134Oct 4, 2024Updated last year
• winterknife / SILVERPICK

  View on GitHub
  Windows User-Mode Shellcode Development Framework (WUMSDF)
  ☆132Nov 17, 2025Updated 6 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls2

  View on GitHub
  Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection
  ☆76Dec 26, 2025Updated 5 months ago
• rasta-mouse / process-inject-kit

  View on GitHub
  Port of Cobalt Strike's Process Inject Kit
  ☆194Dec 1, 2024Updated last year
• Cobalt-Strike / icmp-udc2

  View on GitHub
  UDC2 implementation that provides an ICMP C2 channel
  ☆124Nov 24, 2025Updated 6 months ago