Alternatives and similar repositories for teams-cookies-bof

Users that are interested in teams-cookies-bof are comparing it to the libraries listed below

• strozfriedberg / EDRSilencer-BOF

  View on GitHub
  Port of the EDRSilencer tool (https://github.com/netero1010/EDRSilencer) to BOF format
  ☆32Oct 22, 2024Updated last year
• NocteDefensor / SCCMDecryptor-BOF

  View on GitHub
  ☆51Jun 28, 2025Updated 7 months ago
• Nomad0x7 / sekken-enum

  View on GitHub
  adws enumeration bof
  ☆162Oct 2, 2025Updated 4 months ago
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated 10 months ago
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Aug 5, 2025Updated 6 months ago
• dobin / ttpExtractor

  View on GitHub
  Extract the Procedures (TTP) from CTI reports
  ☆15Dec 13, 2025Updated 2 months ago
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆172Sep 3, 2025Updated 5 months ago
• Skeletal-Group / Hermes

  View on GitHub
  Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.
  ☆68Nov 15, 2025Updated 3 months ago
• grayhatkiller / wambam-bof

  View on GitHub
  ☆47Dec 5, 2025Updated 2 months ago
• P0142 / LDAP-Bof-Collection

  View on GitHub
  Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.
  ☆57Dec 15, 2025Updated 2 months ago
• MEhrn00 / boflink

  View on GitHub
  Linker for Beacon Object Files
  ☆149Feb 8, 2026Updated last week
• Hagrid29 / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆96Mar 20, 2023Updated 2 years ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆135Apr 18, 2025Updated 9 months ago
• 7hePr0fess0r / ADCSDevilCOM

  View on GitHub
  A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …
  ☆163Nov 2, 2025Updated 3 months ago
• yanghaoi / ReflectiveDllSource

  View on GitHub
  CobaltStrike Reflective Dll Source
  ☆19Feb 20, 2022Updated 3 years ago
• KingOfTheNOPs / Get-NetNTLM

  View on GitHub
  Internal Monologue BOF
  ☆79Dec 28, 2024Updated last year
• Cobalt-Strike / obfuscator-llvm

  View on GitHub
  ☆57Jan 15, 2024Updated 2 years ago
• thesnoom / extps-cobalt-strike-bof

  View on GitHub
  Extended Process List (Search functionality)
  ☆29Jan 23, 2021Updated 5 years ago
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆271Apr 17, 2023Updated 2 years ago
• ofasgard / execute-assembly-pico

  View on GitHub
  A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
  ☆128Jan 28, 2026Updated 2 weeks ago
• ricardojoserf / NativeNtdllRemap

  View on GitHub
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆27Apr 13, 2025Updated 10 months ago
• RootUp / git-fsmonitor

  View on GitHub
  This is a proof-of-work for abusing "fsmonitor" against IDE.
  ☆43Nov 22, 2025Updated 2 months ago
• mwnickerson / COMHijackBOF

  View on GitHub
  ☆37Nov 25, 2025Updated 2 months ago
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 6 months ago
• NtDallas / BOF_Spawn

  View on GitHub
  Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
  ☆150Nov 23, 2025Updated 2 months ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• m8sec / Dispatch

  View on GitHub
  Evasive Payload Delivery Server & C2 Redirector
  ☆112Nov 3, 2025Updated 3 months ago
• bohops / COM-to-the-Darkside

  View on GitHub
  Slides and resources from MCTTP 2025 Talk
  ☆66Oct 26, 2025Updated 3 months ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• kapellos / LNKSmuggler

  View on GitHub
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆92Jan 8, 2025Updated last year
• AlmondOffSec / DCOMRunAs

  View on GitHub
  Lateral movement with DCOM DLL hijacking
  ☆177Jul 4, 2025Updated 7 months ago
• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆122Jan 17, 2026Updated 3 weeks ago
• dis0rder0x00 / DbgNexum

  View on GitHub
  Shellcode injection using the Windows Debugging API
  ☆165Jan 4, 2026Updated last month
• 0xRedpoll / SignalKeyBOF

  View on GitHub
  BOF to decrypt Signal Desktop chat logs
  ☆71Feb 20, 2025Updated 11 months ago
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated 11 months ago
• EspressoCake / Needle_Sift_BOF

  View on GitHub
  Strstr with user-supplied needle and filename as a BOF.
  ☆32Sep 27, 2021Updated 4 years ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆183Jan 17, 2026Updated 3 weeks ago
• 0xTriboulet / rdll-rs

  View on GitHub
  A reflective DLL development template for the Rust programming language
  ☆113Nov 4, 2025Updated 3 months ago
• SlimeOnSecurity / PrintSpoofer-BOF

  View on GitHub
  ☆50May 4, 2025Updated 9 months ago