Und3rf10w/CobaltStrikeBOFs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Und3rf10w/CobaltStrikeBOFs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Und3rf10w/CobaltStrikeBOFs)

Close

Und3rf10w / CobaltStrikeBOFsView on GitHubMore

• External links
• Readme badge

Beacon Object Files used for Cobalt Strike

☆19Jul 18, 2023Updated 2 years ago

Alternatives and similar repositories for CobaltStrikeBOFs

Users that are interested in CobaltStrikeBOFs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• keyboardcrunch / sentinelone_usbscan

  View on GitHub
  A custom SentinelOne USB scanner.
  ☆19Mar 26, 2022Updated 3 years ago
• typeconfused / windows-ps-callbacks-experiments

  View on GitHub
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆12Jan 1, 2023Updated 3 years ago
• SilvestriF3 / Passworld

  View on GitHub
  Passworld is a fully customizable wordlist generator
  ☆16Sep 13, 2024Updated last year
• 0xthirteen / PerfExec

  View on GitHub
  ☆79Aug 2, 2023Updated 2 years ago
• ricardojoserf / BOF_Files

  View on GitHub
  Repository to gather the BOF files I will be developing
  ☆11Oct 1, 2024Updated last year
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• seahop / titan

  View on GitHub
  Titan: A generic user defined reflective DLL for Cobalt Strike
  ☆85Nov 20, 2022Updated 3 years ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• ly4k / Pypykatz

  View on GitHub
  Modified version of Pypykatz to print encrypted credentials
  ☆56Dec 26, 2022Updated 3 years ago
• MaorSabag / HollowMask

  View on GitHub
  Just another Process Injection using Process Hollowing technique.
  ☆18Sep 18, 2023Updated 2 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated 2 years ago
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 2 years ago
• Levi597 / HHbackdoor-V0.3

  View on GitHub
  Only for educational purposes
  ☆12Jun 17, 2023Updated 2 years ago
• Hagrid29 / BOF-SprayAD

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray
  ☆47Mar 4, 2023Updated 3 years ago
• Binject / exec2shell

  View on GitHub
  Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode
  ☆105May 5, 2023Updated 2 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆258May 10, 2023Updated 2 years ago
• lleon1435 / Kernel_VADInjector

  View on GitHub
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆55Oct 19, 2023Updated 2 years ago
• x42en / sysplant

  View on GitHub
  Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP
  ☆127Updated this week
• rasta-mouse / PPEnum

  View on GitHub
  Simple BOF to read the protection level of a process
  ☆119May 10, 2023Updated 2 years ago
• OtterHacker / CoffLoader

  View on GitHub
  ☆61Jan 9, 2023Updated 3 years ago
• CultCornholio / solenya

  View on GitHub
  Microsoft365 Device Code Phishing Framework
  ☆39Sep 4, 2021Updated 4 years ago
• NVISOsecurity / cs2br-bof

  View on GitHub
  Run Cobalt Strike BOFs in Brute Ratel C4!
  ☆86Apr 15, 2025Updated 11 months ago
• knavesec / BloodHound-Custom-Queries

  View on GitHub
  Assorted BloodHound Cypher queries/tricks I haven't seen in other cheat sheets
  ☆12Jun 21, 2021Updated 4 years ago
• Cipher7 / havoc-SauronEye

  View on GitHub
  ☆11Dec 8, 2023Updated 2 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• sketchymoose / workslikeaJARM

  View on GitHub
  Method of finding interesting domains using keywords + JARMs
  ☆13Jan 30, 2023Updated 3 years ago
• EspressoCake / DLL_Version_Enumeration_BOF

  View on GitHub
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆16Nov 23, 2021Updated 4 years ago
• x0reaxeax / PageSplit

  View on GitHub
  Splitting and executing shellcode across multiple pages
  ☆103Jun 8, 2023Updated 2 years ago
• EspressoCake / BetterPipename

  View on GitHub
  Example of using Sleep to create better named pipes.
  ☆41Jul 25, 2023Updated 2 years ago
• rvrsh3ll / SharpExcel4-DCOM

  View on GitHub
  Port of Invoke-Excel4DCOM
  ☆104Oct 12, 2019Updated 6 years ago
• Hagrid29 / BOF-RemoteRegSave

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer
  ☆17Mar 4, 2023Updated 3 years ago
• rkbennett / icmpsh

  View on GitHub
  Simple reverse ICMP shell
  ☆14Apr 30, 2024Updated last year
• secgroundzero / hashslack

  View on GitHub
  Small utility script to notify via Slack about Hashcat's progress during a password cracking session
  ☆10Mar 10, 2019Updated 7 years ago
• 0xEr3bus / ShadowForgeC2

  View on GitHub
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆52Jul 15, 2023Updated 2 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆293Jul 15, 2023Updated 2 years ago
• boku7 / whereami

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…
  ☆183Mar 13, 2023Updated 3 years ago
• matterpreter / cpuid

  View on GitHub
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆27Sep 15, 2023Updated 2 years ago
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 2 years ago
• 0xv1n / Havoc-ProfileGenerator

  View on GitHub
  malleable profile generator GUI for Havoc
  ☆55Apr 28, 2023Updated 2 years ago
• mgeeky / msi-shenanigans

  View on GitHub
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆90Dec 15, 2022Updated 3 years ago
• zimnyaa / grpcssh

  View on GitHub
  A simple reverse ssh/proxy implant PoC for *nix systems.
  ☆57Jul 5, 2024Updated last year