bitsadmin/lofl external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bitsadmin/lofl

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bitsadmin/lofl)

Close

bitsadmin / loflView on GitHubMore

• External links
• Readme badge

Living Off the Foreign Land setup scripts

☆75Feb 26, 2025Updated last year

Alternatives and similar repositories for lofl

Users that are interested in lofl are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Flangvik / collector

  View on GitHub
  Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
  ☆19Jun 12, 2022Updated 3 years ago
• Tw1sm / list-wam-accounts

  View on GitHub
  List web account manager (WAM) accounts added to the current profile
  ☆26Dec 11, 2025Updated 5 months ago
• netero1010 / Quser-BOF

  View on GitHub
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆86Mar 22, 2023Updated 3 years ago
• CompassSecurity / conkeyscan

  View on GitHub
  A Pentesters Confluence Keyword Scanner
  ☆19Dec 3, 2024Updated last year
• RedSiege / SharpCollectionTemplate

  View on GitHub
  ☆14Sep 26, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• mgeeky / CustomXMLPart

  View on GitHub
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Aug 8, 2022Updated 3 years ago
• passthehashbrowns / BOFMask

  View on GitHub
  ☆131Jun 28, 2023Updated 2 years ago
• mlcsec / ASRenum-BOF

  View on GitHub
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆164Mar 1, 2024Updated 2 years ago
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆26Mar 12, 2025Updated last year
• jsecu / BOF-pack-1

  View on GitHub
  A care package of useful bofs for red team engagments
  ☆53Dec 6, 2024Updated last year
• RCStep / RedTeam_Tools_n_Stuff

  View on GitHub
  Collection of self-made Red Team tools that have come in handy
  ☆12Aug 25, 2024Updated last year
• MzHmO / TGSThief

  View on GitHub
  My implementation of the GIUDA project in C++
  ☆189Jul 25, 2023Updated 2 years ago
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆154Mar 25, 2025Updated last year
• rasta-mouse / RuralBishop

  View on GitHub
  D/Invoke port of UrbanBishop
  ☆108Jul 19, 2020Updated 5 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• nickzer0 / RagingRotator

  View on GitHub
  A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.
  ☆80Jun 6, 2024Updated 2 years ago
• OG-Sadpanda / SharpSword

  View on GitHub
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆118Sep 30, 2024Updated last year
• OG-Sadpanda / SharpCat

  View on GitHub
  C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly
  ☆15Jul 15, 2021Updated 4 years ago
• bugch3ck / SharpLdapWhoami

  View on GitHub
  WhoAmI by asking the LDAP service on a domain controller.
  ☆66Feb 8, 2022Updated 4 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• skelsec / evilrdp

  View on GitHub
  ☆308Mar 15, 2025Updated last year
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆357Nov 19, 2024Updated last year
• WKL-Sec / WMIExec

  View on GitHub
  Set of python scripts which perform different ways of command execution via WMI protocol.
  ☆165Jun 29, 2023Updated 2 years ago
• codyburkard / azol

  View on GitHub
  Azure Offensive Library
  ☆17May 9, 2026Updated last month
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆694Aug 15, 2025Updated 9 months ago
• Karkas66 / CelestialSpark

  View on GitHub
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Mar 27, 2025Updated last year
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆628Jan 2, 2025Updated last year
• naksyn / Pyramid

  View on GitHub
  a tool to help operate in EDRs' blind spots
  ☆769Dec 2, 2024Updated last year
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆179Mar 27, 2023Updated 3 years ago
• deepinstinct / ContainYourself

  View on GitHub
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆320Aug 31, 2023Updated 2 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆124May 29, 2022Updated 4 years ago
• bitsadmin / dir2json

  View on GitHub
  Tool for efficient directory enumeration
  ☆64Jan 27, 2026Updated 4 months ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• wotwot563 / aad_prt_bof

  View on GitHub
  ☆165Apr 17, 2024Updated 2 years ago
• zimnyaa / stoplooking

  View on GitHub
  A simple BOF that disables some logging with NtSetInformationProcess
  ☆14Oct 13, 2023Updated 2 years ago
• MaLDAPtive / Invoke-Maldaptive

  View on GitHub
  MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
  ☆342Aug 7, 2024Updated last year
• mansk1es / GhostFart

  View on GitHub
  ☆142Jun 21, 2023Updated 2 years ago
• EspressoCake / BOF_Development_Docker

  View on GitHub
  A VSCode devcontainer for development of COFF files with batteries included.
  ☆50Jul 10, 2023Updated 2 years ago
• MzHmO / Parasite-Invoke

  View on GitHub
  Hide your P/Invoke signatures through other people's signed assemblies
  ☆213Mar 10, 2024Updated 2 years ago
• x42en / sysplant

  View on GitHub
  Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP
  ☆130May 28, 2026Updated last week