Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.
☆116Jan 26, 2026Updated 5 months ago
Alternatives and similar repositories for BOFs
Users that are interested in BOFs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- NSecSoftBYOVD POC☆61Feb 12, 2026Updated 4 months ago
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆179May 31, 2026Updated 3 weeks ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆71Dec 25, 2025Updated 6 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆121Dec 21, 2025Updated 6 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Lateral Movement Bof with MSI ODBC Driver Install☆149Sep 30, 2025Updated 8 months ago
- A guide to modern exploit development, shellcode, EDR and WAF bypass, and initial Red Team access.☆30Mar 6, 2026Updated 3 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆88Nov 6, 2025Updated 7 months ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 11 months ago
- An example of how to use Microsoft Windows Warbird technology☆96Apr 23, 2023Updated 3 years ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 5 months ago
- AppLocker-Based EDR Neutralization☆339Dec 19, 2025Updated 6 months ago
- A Beacon Object File (BOF) implementation of the 'cat' command☆26Feb 11, 2023Updated 3 years ago
- Python script to leverage MSFT_MTProcess WMI class☆40Sep 17, 2025Updated 9 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 5 months ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆97Mar 8, 2023Updated 3 years ago
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆125Jun 10, 2026Updated 2 weeks ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆171Sep 22, 2025Updated 9 months ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 3 years ago
- Beacon Object Files (BOF) for Cobalt Strike.☆32Aug 23, 2024Updated last year
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆228Dec 17, 2025Updated 6 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆199Nov 23, 2025Updated 7 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆45Apr 6, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆238May 23, 2026Updated last month
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆443Jun 27, 2025Updated last year
- ☆61Feb 12, 2026Updated 4 months ago
- Linux Shared Library to Shellcode Loader☆98Feb 15, 2026Updated 4 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆55May 12, 2025Updated last year
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆296Feb 21, 2026Updated 4 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆11Mar 22, 2021Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Sleep obfuscation☆275Dec 13, 2024Updated last year
- Misery Loader to bypass modern EDR solutions☆19Dec 20, 2024Updated last year
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆76Aug 24, 2025Updated 10 months ago
- Grab unsaved Notepad contents with a Beacon Object File☆55Jun 19, 2022Updated 4 years ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆70Jan 13, 2026Updated 5 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆320Mar 31, 2025Updated last year
- Call stack spoofing for Rust☆379Feb 7, 2025Updated last year