boku7/BokuLoader

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/boku7/BokuLoader)

boku7 / BokuLoader

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

☆1,401

Alternatives and similar repositories for BokuLoader

Users that are interested in BokuLoader are comparing it to the libraries listed below

Sorting:

kyleavery / AceLdr
View on GitHub
Cobalt Strike UDRL for memory scanner evasion.
☆1,006Jun 4, 2024Updated last year
Tylous / SourcePoint
View on GitHub
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
☆1,201Apr 16, 2025Updated 10 months ago
mgeeky / ElusiveMice
View on GitHub
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
☆482Jul 12, 2023Updated 2 years ago
trustedsec / CS-Remote-OPs-BOF
View on GitHub
Remote operations commands implemented using Beacon Object Files
☆1,120Feb 23, 2026Updated last week
Cracked5pider / KaynLdr
View on GitHub
KaynLdr is a Reflective Loader written in C/ASM
☆555Dec 3, 2023Updated 2 years ago
outflanknl / C2-Tool-Collection
View on GitHub
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
☆1,370Oct 27, 2023Updated 2 years ago
anthemtotheego / InlineExecute-Assembly
View on GitHub
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
☆740Jul 22, 2023Updated 2 years ago
klezVirus / SysWhispers3
View on GitHub
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
☆1,594Jul 31, 2024Updated last year
boku7 / spawn
View on GitHub
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
☆469Mar 8, 2023Updated 2 years ago
CCob / BOF.NET
View on GitHub
A .NET Runtime for Cobalt Strike's Beacon Object Files
☆772Sep 4, 2024Updated last year
mgeeky / ShellcodeFluctuation
View on GitHub
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting…
☆1,092Jun 17, 2022Updated 3 years ago
fortra / nanodump
View on GitHub
The swiss army knife of LSASS dumping
☆2,072Sep 17, 2024Updated last year
ajpc500 / BOFs
View on GitHub
Collection of Beacon Object Files
☆633Nov 1, 2022Updated 3 years ago
trustedsec / CS-Situational-Awareness-BOF
View on GitHub
Situational Awareness commands implemented using Beacon Object Files
☆1,722Feb 23, 2026Updated last week
mgeeky / ThreadStackSpoofer
View on GitHub
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation fr…
☆1,196Jun 17, 2022Updated 3 years ago
Octoberfest7 / Inline-Execute-PE
View on GitHub
Execute unmanaged Windows executables in CobaltStrike Beacons
☆714Mar 4, 2023Updated 2 years ago
aahmad097 / AlternativeShellcodeExec
View on GitHub
Alternative Shellcode Execution Via Callbacks
☆1,698Nov 11, 2022Updated 3 years ago
klezVirus / inceptor
View on GitHub
Template-Driven AV/EDR Evasion Framework
☆1,779Nov 3, 2023Updated 2 years ago
Cracked5pider / Ekko
View on GitHub
Sleep Obfuscation
☆816Dec 3, 2023Updated 2 years ago
threatexpress / malleable-c2
View on GitHub
Cobalt Strike Malleable C2 Design and Reference Guide
☆1,750Dec 13, 2023Updated 2 years ago
icyguider / Shhhloader
View on GitHub
Syscall Shellcode Loader (Work in Progress)
☆1,259May 8, 2024Updated last year
med0x2e / SigFlip
View on GitHub
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…
☆1,255Aug 27, 2023Updated 2 years ago
WKL-Sec / HiddenDesktop
View on GitHub
HVNC for Cobalt Strike
☆1,298Dec 7, 2023Updated 2 years ago
jthuraisamy / SysWhispers2
View on GitHub
AV/EDR evasion via direct system calls.
☆1,793Sep 3, 2022Updated 3 years ago
xuanxuan0 / DripLoader
View on GitHub
Evasive shellcode loader for bypassing event-based injection detection (PoC)
☆824Aug 23, 2021Updated 4 years ago
trustedsec / COFFLoader
View on GitHub
☆615Jul 21, 2025Updated 7 months ago
CCob / SharpBlock
View on GitHub
A method of bypassing EDR's active projection DLL's by preventing entry point exection
☆1,163Mar 31, 2021Updated 4 years ago
med0x2e / ExecuteAssembly
View on GitHub
Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
☆595Jul 26, 2021Updated 4 years ago
boku7 / injectAmsiBypass
View on GitHub
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
☆382Mar 8, 2023Updated 2 years ago
RCStep / CSSG
View on GitHub
Cobalt Strike Shellcode Generator
☆670Jan 8, 2025Updated last year
optiv / ScareCrow
View on GitHub
ScareCrow - Payload creation framework designed around EDR bypass.
☆2,874Aug 18, 2023Updated 2 years ago
wavestone-cdt / EDRSandblast
View on GitHub
☆1,787Aug 30, 2024Updated last year
kyleavery / inject-assembly
View on GitHub
Inject .NET assemblies into an existing process
☆508Jan 19, 2022Updated 4 years ago
phra / PEzor
View on GitHub
Open-Source Shellcode & PE Packer
☆2,069Feb 3, 2024Updated 2 years ago
Cracked5pider / KaynStrike
View on GitHub
UDRL for CS
☆444Dec 3, 2023Updated 2 years ago
REDMED-X / OperatorsKit
View on GitHub
Collection of Beacon Object Files (BOF) for Cobalt Strike
☆675Aug 15, 2025Updated 6 months ago
Mr-Un1k0d3r / EDRs
View on GitHub
☆2,168Feb 21, 2023Updated 3 years ago
praetorian-inc / PortBender
View on GitHub
TCP Port Redirection Utility
☆762Jan 31, 2023Updated 3 years ago
mgeeky / cobalt-arsenal
View on GitHub
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
☆1,097Apr 19, 2023Updated 2 years ago