RalfHacker/Kerbeus-BOF

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/RalfHacker/Kerbeus-BOF)

RalfHacker / Kerbeus-BOF

BOF for Kerberos abuse (an implementation of some important features of the Rubeus).

☆546

Alternatives and similar repositories for Kerbeus-BOF

Users that are interested in Kerbeus-BOF are comparing it to the libraries listed below

Sorting:

0xEr3bus / PoolPartyBof
View on GitHub
A beacon object file implementation of PoolParty Process Injection Technique.
☆434Dec 21, 2023Updated 2 years ago
fortra / No-Consolation
View on GitHub
A BOF that runs unmanaged PEs inline
☆681Oct 23, 2024Updated last year
wavvs / nanorobeus
View on GitHub
COFF file (BOF) for managing Kerberos tickets.
☆320Jul 2, 2023Updated 2 years ago
Tw1sm / SQL-BOF
View on GitHub
Library of BOFs to interact with SQL servers
☆223Dec 3, 2025Updated 3 months ago
REDMED-X / OperatorsKit
View on GitHub
Collection of Beacon Object Files (BOF) for Cobalt Strike
☆675Aug 15, 2025Updated 6 months ago
trustedsec / CS-Remote-OPs-BOF
View on GitHub
Remote operations commands implemented using Beacon Object Files
☆1,120Feb 23, 2026Updated last week
CICADA8-Research / RemoteKrbRelay
View on GitHub
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
☆637May 8, 2025Updated 9 months ago
zyn3rgy / smbtakeover
View on GitHub
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
☆345Nov 19, 2024Updated last year
icyguider / UAC-BOF-Bonanza
View on GitHub
Collection of UAC Bypass Techniques Weaponized as BOFs
☆609Feb 21, 2024Updated 2 years ago
outflanknl / C2-Tool-Collection
View on GitHub
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
☆1,370Oct 27, 2023Updated 2 years ago
Octoberfest7 / Inline-Execute-PE
View on GitHub
Execute unmanaged Windows executables in CobaltStrike Beacons
☆714Mar 4, 2023Updated 3 years ago
mlcsec / ASRenum-BOF
View on GitHub
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
☆160Mar 1, 2024Updated 2 years ago
EricEsquivel / Inline-EA
View on GitHub
Cobalt Strike BOF for evasive .NET assembly execution
☆308Mar 31, 2025Updated 11 months ago
Octoberfest7 / DropSpawn_BOF
View on GitHub
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
☆285Jun 8, 2023Updated 2 years ago
netero1010 / GhostTask
View on GitHub
A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
☆614Jan 2, 2025Updated last year
Mr-Un1k0d3r / Elevate-System-Trusted-BOF
View on GitHub
☆162Mar 27, 2023Updated 2 years ago
VoldeSec / PatchlessCLRLoader
View on GitHub
.NET assembly loader with patchless AMSI and ETW bypass
☆368Apr 19, 2023Updated 2 years ago
deh00ni / NtDumpBOF
View on GitHub
☆100Sep 1, 2024Updated last year
wotwot563 / aad_prt_bof
View on GitHub
☆159Apr 17, 2024Updated last year
trustedsec / CS-Situational-Awareness-BOF
View on GitHub
Situational Awareness commands implemented using Beacon Object Files
☆1,722Feb 23, 2026Updated last week
kyleavery / AceLdr
View on GitHub
Cobalt Strike UDRL for memory scanner evasion.
☆1,006Jun 4, 2024Updated last year
WKL-Sec / dcomhijack
View on GitHub
Lateral Movement Using DCOM and DLL Hijacking
☆325Jun 18, 2023Updated 2 years ago
fortalice / bofhound
View on GitHub
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
☆387Feb 23, 2024Updated 2 years ago
coffeegist / bofhound
View on GitHub
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
☆362Jan 29, 2026Updated last month
ewby / Mockingjay_BOF
View on GitHub
Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
☆158Nov 7, 2023Updated 2 years ago
S3cur3Th1sSh1t / Caro-Kann
View on GitHub
Encrypted shellcode Injection to avoid Kernel triggered memory scans
☆407Sep 12, 2023Updated 2 years ago
ajpc500 / BOFs
View on GitHub
Collection of Beacon Object Files
☆633Nov 1, 2022Updated 3 years ago
Ridter / atexec-pro
View on GitHub
Fileless atexec, no more need for port 445
☆404Mar 28, 2024Updated last year
wh0amitz / SharpADWS
View on GitHub
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
☆586Mar 19, 2024Updated last year
YOLOP0wn / POSTDump
View on GitHub
☆341Nov 10, 2025Updated 3 months ago
FalconForceTeam / SOAPHound
View on GitHub
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
☆862Feb 3, 2024Updated 2 years ago
WKL-Sec / HiddenDesktop
View on GitHub
HVNC for Cobalt Strike
☆1,301Dec 7, 2023Updated 2 years ago
icyguider / LatLoader
View on GitHub
PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
☆307Dec 9, 2023Updated 2 years ago
Octoberfest7 / enumhandles_BOF
View on GitHub
☆126Sep 1, 2024Updated last year
Mr-Un1k0d3r / .NetConfigLoader
View on GitHub
.net config loader
☆348Nov 9, 2023Updated 2 years ago
wh0amitz / KRBUACBypass
View on GitHub
UAC Bypass By Abusing Kerberos Tickets
☆508Aug 10, 2023Updated 2 years ago
rasta-mouse / SpawnWith
View on GitHub
☆109Feb 17, 2025Updated last year
CodeXTF2 / ScreenshotBOF
View on GitHub
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…
☆490Dec 7, 2025Updated 2 months ago
Octoberfest7 / MemFiles
View on GitHub
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
☆473Jul 6, 2024Updated last year