RalfHacker/Kerbeus-BOF external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

RalfHacker/Kerbeus-BOF

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/RalfHacker/Kerbeus-BOF)

Close

RalfHacker / Kerbeus-BOFView on GitHubMore

• External links
• Readme badge

BOF for Kerberos abuse (an implementation of some important features of the Rubeus).

☆554Nov 23, 2025Updated 4 months ago

Alternatives and similar repositories for Kerbeus-BOF

Users that are interested in Kerbeus-BOF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆685Oct 23, 2024Updated last year
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆320Jul 2, 2023Updated 2 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆438Dec 21, 2023Updated 2 years ago
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆227Dec 3, 2025Updated 3 months ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  Remote operations commands implemented using Beacon Object Files
  ☆1,139Mar 5, 2026Updated 2 weeks ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆681Aug 15, 2025Updated 7 months ago
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆347Nov 19, 2024Updated last year
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆640May 8, 2025Updated 10 months ago
• mlcsec / ASRenum-BOF

  View on GitHub
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆162Mar 1, 2024Updated 2 years ago
• wotwot563 / aad_prt_bof

  View on GitHub
  ☆160Apr 17, 2024Updated last year
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆611Feb 21, 2024Updated 2 years ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆715Mar 4, 2023Updated 3 years ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,374Oct 27, 2023Updated 2 years ago
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆310Mar 31, 2025Updated 11 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• trustedsec / CS-Situational-Awareness-BOF

  View on GitHub
  Situational Awareness commands implemented using Beacon Object Files
  ☆1,748Mar 10, 2026Updated 2 weeks ago
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆617Jan 2, 2025Updated last year
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• fortalice / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆390Feb 23, 2024Updated 2 years ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆286Jun 8, 2023Updated 2 years ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆176Mar 27, 2023Updated 2 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,008Jun 4, 2024Updated last year
• coffeegist / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆371Jan 29, 2026Updated last month
• WKL-Sec / dcomhijack

  View on GitHub
  Lateral Movement Using DCOM and DLL Hijacking
  ☆324Jun 18, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆374Apr 19, 2023Updated 2 years ago
• passthehashbrowns / BOFMask

  View on GitHub
  ☆125Jun 28, 2023Updated 2 years ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆126Sep 1, 2024Updated last year
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆406Mar 28, 2024Updated last year
• S3cur3Th1sSh1t / Caro-Kann

  View on GitHub
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆407Sep 12, 2023Updated 2 years ago
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆285Feb 8, 2025Updated last year
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,309Dec 7, 2023Updated 2 years ago
• trustedsec / CS_COFFLoader

  View on GitHub
  ☆135Dec 4, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• WKL-Sec / Malleable-CS-Profiles

  View on GitHub
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆514May 19, 2025Updated 10 months ago
• Octoberfest7 / MemFiles

  View on GitHub
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆473Jul 6, 2024Updated last year
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆866Feb 3, 2024Updated 2 years ago
• N7WEra / BofAllTheThings

  View on GitHub
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆614Mar 2, 2026Updated 3 weeks ago
• Dec0ne / DavRelayUp

  View on GitHub
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆568Jun 5, 2023Updated 2 years ago
• icyguider / LatLoader

  View on GitHub
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆309Dec 9, 2023Updated 2 years ago
• wh0amitz / SharpADWS

  View on GitHub
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆585Mar 19, 2024Updated 2 years ago