A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.
☆18Jul 15, 2025Updated 8 months ago
Alternatives and similar repositories for MagicBOFs
Users that are interested in MagicBOFs are comparing it to the libraries listed below
Sorting:
- Bof of RegPwn by MDSec☆72Updated this week
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- Impacket pre-compiled binaries☆18Jul 31, 2023Updated 2 years ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 8 months ago
- UDC2 implementation that provides an ICMP C2 channel☆116Nov 24, 2025Updated 3 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- dcsync bof☆46Feb 13, 2026Updated last month
- User-Defined C2 BOF Template☆30Nov 24, 2025Updated 3 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- PrimitiveInjection by using Read, Write and Allocation Primitives.☆53Jun 21, 2025Updated 9 months ago
- ☆57Nov 18, 2025Updated 4 months ago
- ☆139Nov 17, 2025Updated 4 months ago
- An example reference design for a proposed BOF PE☆204Jan 23, 2026Updated last month
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆168Sep 22, 2025Updated 5 months ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆174Sep 3, 2025Updated 6 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆116Dec 21, 2025Updated 3 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆72Dec 26, 2025Updated 2 months ago
- Library of BOFs to interact with SQL servers☆23Apr 9, 2025Updated 11 months ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations.☆12Jun 3, 2025Updated 9 months ago
- Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.☆43Dec 30, 2025Updated 2 months ago
- a BOF implementation of various registry persistence methods☆95Nov 11, 2025Updated 4 months ago
- Port of Cobalt Strike's Process Inject Kit☆192Dec 1, 2024Updated last year
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- ☆26Nov 25, 2025Updated 3 months ago
- Invoke-SPSI - Simple PowerShell Shellcode Injector☆37Oct 9, 2025Updated 5 months ago
- Just another repository for malware development☆13May 12, 2024Updated last year
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.☆60Dec 15, 2025Updated 3 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆271Jun 18, 2025Updated 9 months ago
- ☆38Oct 16, 2025Updated 5 months ago