NVISOsecurity/cs2br-bof external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

NVISOsecurity/cs2br-bof

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/NVISOsecurity/cs2br-bof)

Close

NVISOsecurity / cs2br-bofView on GitHubMore

• External links
• Readme badge

Run Cobalt Strike BOFs in Brute Ratel C4!

☆88Apr 15, 2025Updated last year

Alternatives and similar repositories for cs2br-bof

Users that are interested in cs2br-bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• passthehashbrowns / BOFMask

  View on GitHub
  ☆131Jun 28, 2023Updated 2 years ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆159Nov 7, 2023Updated 2 years ago
• nick-frischkorn / SuspendEventLogBOF

  View on GitHub
  Beacon Object File to locate and suspend the threads hosting the Event Log service
  ☆29Jun 17, 2022Updated 3 years ago
• Hagrid29 / BOF-RemoteRegSave

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer
  ☆18Mar 4, 2023Updated 3 years ago
• ScriptIdiot / sleepmask_ekko_cfg

  View on GitHub
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆49Mar 15, 2023Updated 3 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆179Mar 27, 2023Updated 3 years ago
• securifybv / BOFRyptor

  View on GitHub
  ☆124Oct 9, 2023Updated 2 years ago
• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆148Nov 6, 2025Updated 7 months ago
• EspressoCake / Defender-Exclusions-Creator-BOF

  View on GitHub
  ☆83Nov 1, 2023Updated 2 years ago
• xforcered / BOFMask

  View on GitHub
  ☆128Jun 28, 2023Updated 2 years ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆289Jun 8, 2023Updated 3 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆381Apr 19, 2023Updated 3 years ago
• Octoberfest7 / CVE-2023-36874_BOF

  View on GitHub
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆205Aug 25, 2023Updated 2 years ago
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆326Jul 2, 2023Updated 2 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆138Dec 4, 2023Updated 2 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆702Oct 23, 2024Updated last year
• c3r3br4t3 / ShadowRDP

  View on GitHub
  ☆76Feb 4, 2024Updated 2 years ago
• yamakadi / ldr

  View on GitHub
  A work in progress BOF/COFF loader in Rust
  ☆50Mar 22, 2023Updated 3 years ago
• antroguy / LocklessBof

  View on GitHub
  Lockless BOF
  ☆79May 2, 2025Updated last year
• x42en / sysplant

  View on GitHub
  Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP
  ☆130Updated this week
• rkbennett / pyThreadlessInject

  View on GitHub
  A python port of CCob's ThreadlessInject
  ☆25Mar 18, 2023Updated 3 years ago
• WKL-Sec / Winsocky

  View on GitHub
  Winsocket for Cobalt Strike.
  ☆105Jul 6, 2023Updated 2 years ago
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• mandiant / msi-search

  View on GitHub
  ☆291Jul 20, 2023Updated 2 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆124May 29, 2022Updated 4 years ago
• williamknows / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆92Oct 13, 2024Updated last year
• REDMED-X / InjectKit

  View on GitHub
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆109Jan 24, 2024Updated 2 years ago
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Feb 11, 2024Updated 2 years ago
• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆97Mar 8, 2023Updated 3 years ago
• ZephrFish / QoL-BOFs

  View on GitHub
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆139Dec 7, 2025Updated 6 months ago
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated last year
• EspressoCake / BetterPipename

  View on GitHub
  Example of using Sleep to create better named pipes.
  ☆41Jul 25, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer

  View on GitHub
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆208Apr 29, 2024Updated 2 years ago
• CodeXTF2 / WebcamBOF

  View on GitHub
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆160Mar 26, 2025Updated last year
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆358Nov 19, 2024Updated last year
• tijme / cmstplua-uac-bypass

  View on GitHub
  Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
  ☆216Oct 9, 2022Updated 3 years ago
• CodeXTF2 / WindowSpy

  View on GitHub
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆284Feb 24, 2025Updated last year
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated last year
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 3 years ago