The-Z-Labs / cli4bofsLinks
A swiss army knife tool for running, injecting and organizing your BOFs collection
☆59Updated last week
Alternatives and similar repositories for cli4bofs
Users that are interested in cli4bofs are comparing it to the libraries listed below
Sorting:
- Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode☆104Updated 2 years ago
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆59Updated last year
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆34Updated 4 months ago
- Beacon Object File (BOF) Template☆51Updated 8 months ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆46Updated 2 years ago
- Evasive loader to bypass static detection☆58Updated last year
- ☆43Updated 2 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆69Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆17Updated last year
- Titan: A generic user defined reflective DLL for Cobalt Strike☆75Updated 2 years ago
- Indirect NT syscalls LSASS dumper.☆46Updated 2 years ago
- Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper☆55Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Updated 2 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆45Updated 3 years ago
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆93Updated 2 weeks ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆52Updated 4 months ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆83Updated 2 years ago
- An implementation of an indirect system call☆129Updated last year
- A Simple PoC☆21Updated last year
- Silently Install Chrome Extension For Persistence☆90Updated last year
- 🔎🪲 Malleable C2 profiles parser and assembler written in golang☆66Updated last year
- A BOF/COFF loader implemented in Go and CGO.☆22Updated last year
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆43Updated 3 years ago
- Golang implementation of @CCob's C# ThreadlessInject☆32Updated last year
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆55Updated 4 months ago
- BOF/COFF obj file to PIC(shellcode). by golang☆39Updated 2 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆74Updated last year
- POC tool to extract all persistent clipboard history data from clipboard service process memory☆46Updated 11 months ago
- frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …☆52Updated 2 years ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆35Updated last month