Enable EFS service as low priv user (PE & BOF)
☆21Jul 6, 2025Updated 7 months ago
Alternatives and similar repositories for EnableEFS
Users that are interested in EnableEFS are comparing it to the libraries listed below
Sorting:
- User-Defined C2 BOF Template☆28Nov 24, 2025Updated 3 months ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆16Jul 15, 2025Updated 7 months ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection.☆98Feb 10, 2026Updated 2 weeks ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- dcsync bof☆44Feb 13, 2026Updated 2 weeks ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 3 months ago
- Dll hijack -- just one macro☆12Jul 3, 2023Updated 2 years ago
- UDC2 implementation that provides an ICMP C2 channel☆115Nov 24, 2025Updated 3 months ago
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 2 months ago
- Entra ID Password Protection Banned Password Lists☆17Apr 16, 2024Updated last year
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated 7 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated last year
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month
- A Windows C++ OLE/COM Object explorer written in WTL.☆16Feb 28, 2025Updated last year
- ☆14Dec 26, 2024Updated last year
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 5 months ago
- ☆51Jun 28, 2025Updated 8 months ago
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.☆22Jan 6, 2025Updated last year
- Process dumper wrote in rust.☆14Sep 16, 2024Updated last year
- A Rust template for writing Beacon Object Files (BOFs)☆100Feb 11, 2026Updated 2 weeks ago
- 在cobaltstrike中使用的bof工具集,收集整理验证好用的bof。☆17Sep 30, 2021Updated 4 years ago
- Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust☆86Jun 4, 2024Updated last year
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆75Aug 24, 2025Updated 6 months ago
- Arsenal of modules to beacon postex☆94Feb 18, 2026Updated last week
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆17Aug 14, 2023Updated 2 years ago
- AV/EDR companies netblocks☆18Nov 9, 2021Updated 4 years ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆101Jan 26, 2026Updated last month
- A C# tool for extracting information from SCCM PXE boot media.☆51Jan 14, 2026Updated last month
- Help red teams find opsec processes during engagements☆42Dec 7, 2024Updated last year
- ☆26Nov 25, 2025Updated 3 months ago
- ☆55May 31, 2025Updated 9 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago