BOF to terminate a process via PID as argument
☆28Sep 7, 2025Updated 6 months ago
Alternatives and similar repositories for killerPID-BOF
Users that are interested in killerPID-BOF are comparing it to the libraries listed below
Sorting:
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- List web account manager (WAM) accounts added to the current profile☆24Dec 11, 2025Updated 3 months ago
- ��☆15May 30, 2025Updated 9 months ago
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- dcsync bof☆46Feb 13, 2026Updated last month
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 9 months ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 4 months ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated last year
- Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.☆209Jan 6, 2026Updated 2 months ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- Ansible roles to deploy RedELK☆23Feb 15, 2023Updated 3 years ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆91Jan 2, 2026Updated 2 months ago
- Python3 tool to perform password spraying using RDP☆17Aug 14, 2023Updated 2 years ago
- Docker container escape enumeration tool.☆12Jan 23, 2021Updated 5 years ago
- 自研C2 功能展示。cs+spark的结合体。省去了本地客户端,便于团队操作。后续开源社区版。☆16Oct 30, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Arsenal of modules to beacon postex☆97Mar 13, 2026Updated last week
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- ☆39Feb 26, 2025Updated last year
- Python script to leverage MSFT_MTProcess WMI class☆40Sep 17, 2025Updated 6 months ago
- Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑…☆85Mar 10, 2026Updated last week
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆108Aug 18, 2025Updated 7 months ago
- ☆37Dec 4, 2025Updated 3 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Linker for Beacon Object Files☆170Feb 22, 2026Updated last month
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLS using Microsoft Teams as an example☆16Apr 7, 2021Updated 4 years ago
- Azure apim mini proxy☆54Feb 16, 2026Updated last month
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆103Jan 9, 2026Updated 2 months ago
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- A BOF that's a BOF Loader and more☆200Jan 17, 2026Updated 2 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆51Nov 2, 2025Updated 4 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 4 years ago