Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
☆30Jun 7, 2023Updated 2 years ago
Alternatives and similar repositories for kernel-mii
Users that are interested in kernel-mii are comparing it to the libraries listed below
Sorting:
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Cobalt Strike Get clipboard plugin☆15Aug 11, 2023Updated 2 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- ☆142May 4, 2022Updated 3 years ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆458Mar 25, 2024Updated last year
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 3 years ago
- ☆74Jun 17, 2025Updated 9 months ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- ☆61Aug 30, 2021Updated 4 years ago
- Zoom Persistence Aggressor and Handler☆55Mar 24, 2021Updated 4 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆23Jul 7, 2022Updated 3 years ago
- Simple Aggressor Scripts for Cobalt Strike☆13Sep 24, 2020Updated 5 years ago
- An aggressor script for Cobalt Strike to query Windows' GetLastError messages☆18Sep 25, 2022Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- EventViewer Bypass Uac Bof☆23Jul 23, 2022Updated 3 years ago
- ☆30Jul 18, 2025Updated 8 months ago
- ☆36May 27, 2024Updated last year
- ☆121Jun 17, 2022Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆109Oct 10, 2021Updated 4 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- Small POC for process ghosting☆40Feb 1, 2022Updated 4 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Sep 29, 2021Updated 4 years ago
- A quick example of the Hells Gate technique in Nim☆93Aug 11, 2021Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆100Mar 27, 2022Updated 3 years ago
- ☆13May 27, 2020Updated 5 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- ☆207Feb 24, 2022Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- C# Data Collector for the BloodHound Project, Version 3☆37Dec 28, 2021Updated 4 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- Process Ghosting in C#☆220Jan 24, 2022Updated 4 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆108Jul 26, 2024Updated last year
- CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.☆25May 23, 2022Updated 3 years ago
- Discover DYLD_INSERT_LIBRARIES hijacks on macOS☆45Sep 15, 2022Updated 3 years ago