A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.
☆18Jul 15, 2025Updated 8 months ago
Alternatives and similar repositories for MagicBOFs
Users that are interested in MagicBOFs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Bof of RegPwn by MDSec☆115Mar 15, 2026Updated 3 weeks ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- Impacket pre-compiled binaries☆19Jul 31, 2023Updated 2 years ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 9 months ago
- UDC2 implementation that provides an ICMP C2 channel☆120Nov 24, 2025Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- User-Defined C2 BOF Template☆31Nov 24, 2025Updated 4 months ago
- dcsync bof☆46Feb 13, 2026Updated last month
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 7 months ago
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- PrimitiveInjection by using Read, Write and Allocation Primitives.☆53Jun 21, 2025Updated 9 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆57Nov 18, 2025Updated 4 months ago
- ☆138Nov 17, 2025Updated 4 months ago
- An example reference design for a proposed BOF PE☆204Jan 23, 2026Updated 2 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆168Sep 22, 2025Updated 6 months ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 8 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆175Sep 3, 2025Updated 7 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆72Dec 26, 2025Updated 3 months ago
- Library of BOFs to interact with SQL servers☆23Apr 9, 2025Updated last year
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆117Dec 21, 2025Updated 3 months ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.☆47Apr 1, 2026Updated last week
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations.☆12Jun 3, 2025Updated 10 months ago
- a BOF implementation of various registry persistence methods☆96Nov 11, 2025Updated 4 months ago
- Port of Cobalt Strike's Process Inject Kit☆193Dec 1, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A stager and implant that executes remote Web Assembly☆64Feb 4, 2026Updated 2 months ago
- ☆26Mar 24, 2026Updated 2 weeks ago
- Lateral movement with DCOM DLL hijacking☆175Jul 4, 2025Updated 9 months ago
- Invoke-SPSI - Simple PowerShell Shellcode Injector☆37Oct 9, 2025Updated 6 months ago
- Just another repository for malware development☆14May 12, 2024Updated last year
- ☆38Oct 16, 2025Updated 5 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆273Jun 18, 2025Updated 9 months ago