Alternatives and similar repositories for BOF-Nim

Users that are interested in BOF-Nim are comparing it to the libraries listed below

• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆283Sep 18, 2021Updated 4 years ago
• Ridter / SharpAddDomainMachine

  View on GitHub
  SharpAddDomainMachine
  ☆69Oct 12, 2021Updated 4 years ago
• Cobalt-Strike / beacon_health_check

  View on GitHub
  This aggressor script uses a beacon's note field to indicate the health status of a beacon.
  ☆141Sep 29, 2021Updated 4 years ago
• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆93Mar 8, 2023Updated 2 years ago
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 2 years ago
• netero1010 / Quser-BOF

  View on GitHub
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆87Mar 22, 2023Updated 2 years ago
• timwhitez / CLR-RWX

  View on GitHub
  Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间
  ☆22Sep 28, 2022Updated 3 years ago
• frkngksl / NiCOFF

  View on GitHub
  COFF and BOF Loader written in Nim
  ☆176Aug 1, 2022Updated 3 years ago
• outflanknl / InlineWhispers

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
  ☆321Nov 9, 2021Updated 4 years ago
• EncodeGroup / BOF-RegSave

  View on GitHub
  Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
  ☆216Oct 8, 2020Updated 5 years ago
• zimawhit3 / HellsGateNim

  View on GitHub
  A quick example of the Hells Gate technique in Nim
  ☆96Aug 11, 2021Updated 4 years ago
• guervild / BOFs

  View on GitHub
  Cobalt Strike Beacon Object Files
  ☆167May 2, 2022Updated 3 years ago
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆220Nov 5, 2021Updated 4 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• passthehashbrowns / BOFMask

  View on GitHub
  ☆126Jun 28, 2023Updated 2 years ago
• Crypt0s / DelegationBOF

  View on GitHub
  ☆142May 4, 2022Updated 3 years ago
• breakid / RedReaper

  View on GitHub
  This tool is designed to simplify and automate the extraction and organization of useful data from Cobalt Strike logs.
  ☆18Apr 24, 2019Updated 6 years ago
• RCStep / CSSG

  View on GitHub
  Cobalt Strike Shellcode Generator
  ☆669Jan 8, 2025Updated last year
• boku7 / injectEtwBypass

  View on GitHub
  CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
  ☆301Sep 28, 2021Updated 4 years ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆143Sep 24, 2021Updated 4 years ago
• ajpc500 / BOFs

  View on GitHub
  Collection of Beacon Object Files
  ☆633Nov 1, 2022Updated 3 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆219Jul 14, 2021Updated 4 years ago
• cube0x0 / BofRoast

  View on GitHub
  Beacon Object Files for roasting Active Directory
  ☆235Feb 21, 2022Updated 3 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆294Dec 3, 2023Updated 2 years ago
• decoder-it / juicy_2

  View on GitHub
  juicypotato for win10 > 1803 & win server 2019
  ☆97Feb 23, 2021Updated 4 years ago
• nettitude / RunOF

  View on GitHub
  ☆152Jan 6, 2023Updated 3 years ago
• boku7 / HOLLOW

  View on GitHub
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆292Mar 8, 2023Updated 2 years ago
• EspressoCake / DLL-Exports-Extraction-BOF

  View on GitHub
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆90Nov 5, 2021Updated 4 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆482Jul 12, 2023Updated 2 years ago
• moloch-- / denim

  View on GitHub
  Automated compiler obfuscation for nim
  ☆140Jun 27, 2022Updated 3 years ago
• boku7 / whereami

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…
  ☆183Mar 13, 2023Updated 2 years ago
• connormcgarr / cThreadHijack

  View on GitHub
  Beacon Object File (BOF) for remote process injection via thread hijacking
  ☆219Jan 13, 2021Updated 5 years ago
• alfarom256 / StinkyLoader

  View on GitHub
  It stinks
  ☆105Apr 22, 2022Updated 3 years ago
• mai1zhi2 / SysWhispers2_x86

  View on GitHub
  X86 version of syswhispers2 / x86 direct system call
  ☆330Jan 28, 2021Updated 5 years ago
• NoOne-hub / Beacon.dll

  View on GitHub
  Beacon.dll reverse
  ☆141Sep 5, 2021Updated 4 years ago
• NVISOsecurity / CobaltWhispers

  View on GitHub
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…
  ☆243Jan 4, 2023Updated 3 years ago
• securifybv / Visual-Studio-BOF-template

  View on GitHub
  A Visual Studio template used to create Cobalt Strike BOFs
  ☆323Nov 17, 2021Updated 4 years ago
• Coalfire-Research / Vampire

  View on GitHub
  Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.
  ☆79Apr 6, 2021Updated 4 years ago