One WSL BOF to rule them all
☆176Jan 14, 2026Updated 3 months ago
Alternatives and similar repositories for the-one-wsl-bof
Users that are interested in the-one-wsl-bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆189Oct 21, 2025Updated 6 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆53Nov 2, 2025Updated 6 months ago
- Atomic test units for BOF execution☆55Apr 26, 2026Updated last week
- Bof of RegPwn by MDSec☆118Mar 15, 2026Updated last month
- BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell☆125Apr 6, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Proof of concept for Kerberos Armoring abuse.☆83Dec 12, 2025Updated 4 months ago
- Azure apim mini proxy☆56Feb 16, 2026Updated 2 months ago
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆119Apr 22, 2026Updated 2 weeks ago
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆94Apr 9, 2026Updated last month
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆41Aug 5, 2025Updated 9 months ago
- Lab research on Windows loader internals, PE loading, stack artifacts, and execution tradeoffs.☆234Updated this week
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 3 years ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆86Jan 26, 2026Updated 3 months ago
- Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions☆14Nov 13, 2022Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Exploitation of CVE-2025-29969☆64Feb 20, 2026Updated 2 months ago
- ☆37Nov 8, 2024Updated last year
- List web account manager (WAM) accounts added to the current profile☆26Dec 11, 2025Updated 4 months ago
- A BOF that's a BOF Loader and more☆203Apr 6, 2026Updated last month
- ExportHider: Generating Export Table during Runtime to Hide the Exported Functions from the DLL File.☆31Apr 12, 2026Updated 3 weeks ago
- Beacon Debugger☆55Oct 28, 2024Updated last year
- Implant drop-in for EDR testing☆148Nov 15, 2023Updated 2 years ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆74Dec 26, 2025Updated 4 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆155Nov 23, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆295Feb 21, 2026Updated 2 months ago
- Windows User-Mode Shellcode Development Framework (WUMSDF)☆132Nov 17, 2025Updated 5 months ago
- Port of Cobalt Strike's Process Inject Kit☆193Dec 1, 2024Updated last year
- UDC2 implementation that provides an ICMP C2 channel☆123Nov 24, 2025Updated 5 months ago
- a BOF implementation of various registry persistence methods☆97Nov 11, 2025Updated 5 months ago
- Creating a repository with all public Beacon Object Files (BoFs)☆633Mar 2, 2026Updated 2 months ago
- ☆19Sep 1, 2025Updated 8 months ago
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 4 months ago
- A simple Sleepmask BOF example☆172Nov 24, 2025Updated 5 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again)☆138Oct 23, 2025Updated 6 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- ☆139Nov 17, 2025Updated 5 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆118Dec 21, 2025Updated 4 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 3 months ago
- C2-agnostic BOF collection, categorized by attack chain phase. Designed to be small and modular, allowing for quick execution and automat…☆300Updated this week