A swiss army knife tool for running, injecting and organizing your BOFs collection
☆73Feb 20, 2026Updated last week
Alternatives and similar repositories for cli4bofs
Users that are interested in cli4bofs are comparing it to the libraries listed below
Sorting:
- bof-launcher - a library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Read…☆300Updated this week
- ☆57Jan 15, 2024Updated 2 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- CVE-2024-43044的利用方式☆20Aug 13, 2024Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- MS17-010 Exploits With Original NSA Tool(only for windows)☆31Jul 30, 2024Updated last year
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆150Oct 25, 2021Updated 4 years ago
- C or BOF file to extract WebKit master key to decrypt user cookie☆207Apr 29, 2024Updated last year
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- SSDG 基于Social规则的账号|密码|口令字典生成工具☆16Jan 10, 2025Updated last year
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- ☆33Jan 23, 2025Updated last year
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆91Oct 10, 2022Updated 3 years ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆147Sep 8, 2022Updated 3 years ago
- ☆146Nov 6, 2025Updated 3 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆434Dec 21, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆242Sep 26, 2023Updated 2 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆183Mar 13, 2023Updated 2 years ago
- A Crystal Palace shared library to resolve & perform syscalls☆56Oct 29, 2025Updated 4 months ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- A Beacon Object File (BOF) template for Visual Studio☆269Nov 24, 2025Updated 3 months ago
- An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…☆490Dec 7, 2025Updated 2 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆88Mar 2, 2025Updated last year
- A simple Sleepmask BOF example☆168Nov 24, 2025Updated 3 months ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆394Jan 9, 2024Updated 2 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory☆167Jan 30, 2021Updated 5 years ago
- ☆108Aug 21, 2024Updated last year
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- Finds imports that could be exploited, still requires manual analysis.☆29Nov 9, 2022Updated 3 years ago