andrecrafts/CobaltStrike-YARA-Bypass-f0b627fc external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

andrecrafts/CobaltStrike-YARA-Bypass-f0b627fc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/andrecrafts/CobaltStrike-YARA-Bypass-f0b627fc)

Close

andrecrafts / CobaltStrike-YARA-Bypass-f0b627fcView on GitHubMore

• External links
• Readme badge

Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.

☆53Oct 2, 2025Updated 7 months ago

Alternatives and similar repositories for CobaltStrike-YARA-Bypass-f0b627fc

Users that are interested in CobaltStrike-YARA-Bypass-f0b627fc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• qigpig / Ghosting-BOF

  View on GitHub
  主要用于隐藏进程真实路径，进程带windows真签名
  ☆119Oct 15, 2024Updated last year
• aleenzz / InjectSQLServer

  View on GitHub
  Get sql server connection configuration information
  ☆28Aug 26, 2024Updated last year
• mabangde / ChromeHistory_bof

  View on GitHub
  获取chrome 浏览器记录
  ☆43Sep 6, 2025Updated 8 months ago
• myzxcg / NoNameExploit

  View on GitHub
  集权利用工具
  ☆168Feb 28, 2025Updated last year
• 0x3rhy / BypassCredGuard-BOF

  View on GitHub
  BypassCredGuard CS BOF
  ☆54Jan 23, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• susMdT / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆52Dec 4, 2023Updated 2 years ago
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 3 years ago
• oldboy21 / SHGenOb

  View on GitHub
  Python based tool for generating Shellcode from PIC C
  ☆43Nov 6, 2025Updated 6 months ago
• M0nster3 / Beacon

  View on GitHub
  重构Beacon
  ☆166Aug 19, 2024Updated last year
• Like0x / AddDefenderExclusions-BOF

  View on GitHub
  AddDefenderExclusions Beacon Object File
  ☆42Jun 25, 2023Updated 2 years ago
• EspressoCake / ReadRemoteProcessCommandline_BOF

  View on GitHub
  ☆29May 10, 2024Updated 2 years ago
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆319Mar 31, 2025Updated last year
• Ridter / GetMail

  View on GitHub
  利用NTLM Hash读取Exchange邮件
  ☆59May 13, 2023Updated 3 years ago
• Rvn0xsy / Havoc-Agent-Handler

  View on GitHub
  This is a third party agent for Havoc C2 written in golang.
  ☆59Jan 16, 2024Updated 2 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• Libraggbond / EventViewerBypassUacBof

  View on GitHub
  EventViewer Bypass Uac Bof
  ☆23Jul 23, 2022Updated 3 years ago
• WKL-Sec / Malleable-CS-Profiles

  View on GitHub
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆522May 19, 2025Updated last year
• apkc / CVE-2024-26229-BOF

  View on GitHub
  BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel
  ☆27Jun 13, 2024Updated last year
• huoji120 / APT_Step_Bear_Inject

  View on GitHub
  复现《EDR的梦魇：Storm-0978使用新型内核注入技术“Step Bear”》
  ☆163Oct 27, 2024Updated last year
• Cobalt-Strike / callback_examples

  View on GitHub
  This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions
  ☆39Mar 17, 2025Updated last year
• Hagrid29 / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆101Mar 20, 2023Updated 3 years ago
• nick-frischkorn / TokenStripBOF

  View on GitHub
  Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process
  ☆46Jun 15, 2022Updated 3 years ago
• baiyies / ScreenshotBOFPlus

  View on GitHub
  Take a screenshot without injection for Cobalt Strike
  ☆205Jun 7, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• qwqdanchun / ScreenShot-BOF

  View on GitHub
  ☆42Jul 10, 2023Updated 2 years ago
• zg-sec / PHP_FileUpload

  View on GitHub
  PHP文件上传50+绕过手法全景解析
  ☆17Mar 16, 2025Updated last year
• zimnyaa / stoplooking

  View on GitHub
  A simple BOF that disables some logging with NtSetInformationProcess
  ☆14Oct 13, 2023Updated 2 years ago
• elephacking / officedump

  View on GitHub
  Dump document encryption password from Office process memory
  ☆40Mar 27, 2023Updated 3 years ago
• trustedsec / Windows-MS-LSAT-RPC-Example

  View on GitHub
  Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD
  ☆29Jan 4, 2024Updated 2 years ago
• WindowsGuy-code / Windows11-Kernel-Rootkit

  View on GitHub
  A Windows 11 Rootkit. (Exploit has been patched)
  ☆16Sep 7, 2025Updated 8 months ago
• miunasu / NTR_loader

  View on GitHub
  Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术，不使用API进行主线程劫持，不使用PEB…
  ☆92Jul 26, 2025Updated 10 months ago
• Ridter / netsync

  View on GitHub
  Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.
  ☆62Feb 25, 2025Updated last year
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆227Nov 23, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• 0xTriboulet / rssh-rs

  View on GitHub
  ☆54May 31, 2025Updated 11 months ago
• cpu0x00 / Ghost

  View on GitHub
  Evasive shellcode loader
  ☆398Oct 17, 2024Updated last year
• ImCoriander / Go-Packer-Loaders

  View on GitHub
  快速Go建你的免杀项目
  ☆26Sep 20, 2024Updated last year
• NocteDefensor / Sharelord

  View on GitHub
  .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#
  ☆10Oct 14, 2024Updated last year
• praetorian-inc / goffloader

  View on GitHub
  A Go implementation of Cobalt Strike style BOF/COFF loaders.
  ☆269Feb 22, 2025Updated last year
• 0xdea / backdoo-rs

  View on GitHub
  A simple Meterpreter stager written in Rust.
  ☆45Nov 2, 2025Updated 6 months ago
• crisprss / PetitPotam

  View on GitHub
  替代PrintBug用于本地提权的新方式，主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …
  ☆150Mar 13, 2022Updated 4 years ago