Enable EFS service as low priv user (PE & BOF)
☆21Jul 6, 2025Updated 8 months ago
Alternatives and similar repositories for EnableEFS
Users that are interested in EnableEFS are comparing it to the libraries listed below
Sorting:
- User-Defined C2 BOF Template☆30Nov 24, 2025Updated 3 months ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆18Jul 15, 2025Updated 8 months ago
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated 2 years ago
- MDE/MDI Defender setup for Ludus☆54Mar 14, 2026Updated last week
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 3 months ago
- UDC2 implementation that provides an ICMP C2 channel☆116Nov 24, 2025Updated 3 months ago
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection.☆104Feb 10, 2026Updated last month
- PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This projec…☆48Nov 9, 2025Updated 4 months ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Entra ID Password Protection Banned Password Lists☆18Apr 16, 2024Updated last year
- ☆26Nov 25, 2025Updated 3 months ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 4 months ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆78Oct 27, 2025Updated 4 months ago
- ☆53Jun 28, 2025Updated 8 months ago
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- ☆55May 31, 2025Updated 9 months ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆112Jan 26, 2026Updated last month
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Help red teams find opsec processes during engagements☆42Dec 7, 2024Updated last year
- A Windows C++ OLE/COM Object explorer written in WTL.☆16Feb 28, 2025Updated last year
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- ☆14Dec 26, 2024Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- AV/EDR companies netblocks☆18Nov 9, 2021Updated 4 years ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆75Aug 24, 2025Updated 6 months ago
- A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily☆276Feb 5, 2026Updated last month
- Arsenal of modules to beacon postex☆97Mar 13, 2026Updated last week
- ☆48Jun 6, 2025Updated 9 months ago
- Automatically create an operation log of your shell! Supports Linux (Bash/Zsh) and Windows (PowerShell/CMD).☆36Jan 11, 2026Updated 2 months ago
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆24Jul 11, 2025Updated 8 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆37Aug 5, 2025Updated 7 months ago
- Beacon Object File for Cobalt Strike that executes .NET assemblies in beacon with evasion techniques.☆186Dec 23, 2025Updated 2 months ago
- 在cobaltstrike中使用的bof工具集,收集整理验证好用的bof。☆17Sep 30, 2021Updated 4 years ago
- ☆50Jun 4, 2025Updated 9 months ago
- Dll hijack -- just one macro☆13Jul 3, 2023Updated 2 years ago