Und3rf10w / CobaltStrikeBOFsLinks
Beacon Object Files used for Cobalt Strike
☆19Updated 2 years ago
Alternatives and similar repositories for CobaltStrikeBOFs
Users that are interested in CobaltStrikeBOFs are comparing it to the libraries listed below
Sorting:
- ☆20Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆29Updated last year
- The Totally Legit Authentication Dialog☆12Updated 2 years ago
- Repository to gather the BOF files I will be developing☆10Updated last year
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆15Updated last year
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 3 years ago
- .NET port of Leron Gray's azbelt tool.☆26Updated 2 years ago
- Python3 tool to perform password spraying using RDP☆16Updated 2 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆13Updated 2 years ago
- ☆48Updated 2 years ago
- ☆31Updated 3 years ago
- Items related to the RedELK workshop given at security conferences☆29Updated 2 years ago
- A python port of CCob's ThreadlessInject☆25Updated 2 years ago
- Extension functionality for the NightHawk operator client☆26Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆44Updated last year
- A simple to use single-include Windows API resolver☆23Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Updated 2 years ago
- Right-To-Left Override POC☆36Updated 3 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆20Updated last year
- Yet, Another Packer/Loader☆25Updated 2 years ago
- string encryption in Nim☆20Updated last year
- ☆22Updated 2 years ago
- Just another Process Injection using Process Hollowing technique.☆19Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Updated 2 years ago
- A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…☆26Updated last year
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆43Updated last year
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 3 years ago