Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable API calls.
☆62Apr 1, 2026Updated this week
Alternatives and similar repositories for kslkatz_bof
Users that are interested in kslkatz_bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 7 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆68Jan 5, 2026Updated 3 months ago
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.☆55Jun 2, 2025Updated 10 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.☆20Nov 11, 2025Updated 4 months ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆44Feb 6, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 3 months ago
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.☆70Dec 15, 2025Updated 3 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆100Dec 22, 2025Updated 3 months ago
- Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…☆121Dec 7, 2025Updated 4 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆117Dec 21, 2025Updated 3 months ago
- ☆41Oct 8, 2024Updated last year
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Resolve offsets, gadgets and symbols from NTKernel☆60Jan 15, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Linux Process Injection via Seccomp Notifier☆84Dec 9, 2025Updated 3 months ago
- A tool used the Sleep Obfuscation and Memory encrypt technique to evade the anti-virus.A Proof of Concept,only used for study purpose.☆30Aug 29, 2024Updated last year
- C++ Assembler with Built-in Mutation Engine☆30Sep 6, 2025Updated 7 months ago
- A C++17 header-only library that provides compile-time string encryption and decryption using SIMD instructions and junk code injection.☆28Mar 2, 2026Updated last month
- Cobalt Strike module x loader x profile x wike / A public collection of open resources for Cobalt Strike (only legal use in Red Team and …☆115Mar 6, 2026Updated last month
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls.☆15Apr 26, 2024Updated last year
- ☆108Nov 14, 2025Updated 4 months ago
- Canbus library for Golang☆10Apr 11, 2018Updated 7 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- like hidden-tear with libsodium☆21Aug 20, 2015Updated 10 years ago
- CVE-2023-33381: OS command injection on MitraStar GPT-2741GNAC☆13Jun 1, 2023Updated 2 years ago
- 这是一个shellcode简单的示例demo,使目标exe程序转换为shellcode可执行程序的一个demo【并不打算后期维护】,两年前写的,我发现被工作磨平了对技术的探索,今天翻到发现的。☆11Sep 23, 2023Updated 2 years ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- Load a dynamic library from memory using a fuse mount☆32Sep 15, 2023Updated 2 years ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆119Oct 30, 2025Updated 5 months ago
- AWS X-Ray for Covert Command & Control☆45Oct 13, 2025Updated 5 months ago
- "Two-Face" Rust binary on Linux☆51Nov 10, 2025Updated 4 months ago
- win api hooks☆15Jun 8, 2017Updated 8 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Three different shellcode techniques on the Windows Kernel☆15Apr 8, 2025Updated 11 months ago
- Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.☆35Apr 16, 2024Updated last year
- ☆109Dec 10, 2025Updated 3 months ago
- 🗣️ libp2p pubsub with controls exposed via a gRPC API☆14Jul 5, 2019Updated 6 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆99Mar 20, 2023Updated 3 years ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆26Mar 31, 2026Updated last week
- Sublime Text 2 plugin for Simplenote☆11Oct 14, 2018Updated 7 years ago