Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.
☆115Jan 26, 2026Updated 4 months ago
Alternatives and similar repositories for BOFs
Users that are interested in BOFs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- NSecSoftBYOVD POC☆60Feb 12, 2026Updated 3 months ago
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆176May 31, 2026Updated last week
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆70Dec 25, 2025Updated 5 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆119Dec 21, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Lateral Movement Bof with MSI ODBC Driver Install☆149Sep 30, 2025Updated 8 months ago
- A guide to modern exploit development, shellcode, EDR and WAF bypass, and initial Red Team access.☆28Mar 6, 2026Updated 3 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆87Nov 6, 2025Updated 7 months ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 11 months ago
- An example of how to use Microsoft Windows Warbird technology☆96Apr 23, 2023Updated 3 years ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 4 months ago
- AppLocker-Based EDR Neutralization☆336Dec 19, 2025Updated 5 months ago
- A Beacon Object File (BOF) implementation of the 'cat' command☆26Feb 11, 2023Updated 3 years ago
- Python script to leverage MSFT_MTProcess WMI class☆40Sep 17, 2025Updated 8 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 4 months ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆97Mar 8, 2023Updated 3 years ago
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆121Updated this week
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆170Sep 22, 2025Updated 8 months ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 3 years ago
- Beacon Object Files (BOF) for Cobalt Strike.☆32Aug 23, 2024Updated last year
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆224Dec 17, 2025Updated 5 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆198Nov 23, 2025Updated 6 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆44Apr 6, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆235May 23, 2026Updated 2 weeks ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆443Jun 27, 2025Updated 11 months ago
- ☆62Feb 12, 2026Updated 3 months ago
- Linux Shared Library to Shellcode Loader☆97Feb 15, 2026Updated 3 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆55May 12, 2025Updated last year
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆296Feb 21, 2026Updated 3 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆11Mar 22, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Sleep obfuscation☆274Dec 13, 2024Updated last year
- Misery Loader to bypass modern EDR solutions☆19Dec 20, 2024Updated last year
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆76Aug 24, 2025Updated 9 months ago
- Grab unsaved Notepad contents with a Beacon Object File☆55Jun 19, 2022Updated 3 years ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆69Jan 13, 2026Updated 4 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆319Mar 31, 2025Updated last year
- Call stack spoofing for Rust☆377Feb 7, 2025Updated last year