Alternatives and similar repositories for BOF-Builder

Users that are interested in BOF-Builder are comparing it to the libraries listed below

• xx0hcd / Alt-Beacon-Payload
  Beacon payload using AV bypass method from https://github.com/fullmetalcache/CsharpMMNiceness and shellcode generated from https://github…
  ☆20Updated 4 years ago
• mobdk / Core
  Core bypass Windows Defender and execute any binary converted to shellcode
  ☆43Updated 3 years ago
• Tw1sm / HTTPS-MalleableC2-Config
  Create Cobalt Strike malleable C2 profiles with HTTPS configs
  ☆18Updated 5 years ago
• trainr3kt / Readfile_BoF
  ☆21Updated 2 years ago
• jnqpblc / SharpReg
  SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.
  ☆29Updated 5 years ago
• 0x3rhy / GetClipboard
  Cobalt Strike Get clipboard plugin
  ☆14Updated last year
• Kudaes / Scripts
  Repository for dirty scripts and PoCs
  ☆18Updated 4 months ago
• CUHKJason / BOF-klist
  A simple BOF implementation of klist using Windows API
  ☆32Updated 2 years ago
• optiv / CVE-2020-15931
  Netwrix Account Lockout Examiner 4.1 Domain Admin Account Credential Disclosure Vulnerability
  ☆26Updated 4 years ago
• Gr1mmie / SharpShellCodeObfus
  Caeser Cipher your shellcode!
  ☆21Updated 3 years ago
• EncodeGroup / SharpDirLister
  .NET 4.0 Fast Directory / File Lister
  ☆26Updated 4 years ago
• magisterquis / shelloverreversessh
  A little implant which SSH's back with a shell
  ☆38Updated 3 years ago
• hyp3rlinx / NtFileSins
  Windows File Enumeration Intel Gathering Tool.
  ☆17Updated last year
• GhostManager / cobalt_sync
  Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+
  ☆27Updated 10 months ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Updated last year
• snovvcrash / RemoteRegSave
  A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host
  ☆39Updated last year
• xforcered / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆27Updated 3 years ago
• jsecu / ElevatedEvents
  ☆29Updated 2 years ago
• jnqpblc / SharpSvc
  SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.
  ☆26Updated last year
• wsummerhill / IPv4Fuscation-Encrypted
  ☆19Updated last year
• leonjza / tc2
  treafik fronted c2 examples
  ☆26Updated 4 years ago
• kartikdurg / Enum-LSASS
  LSASS enumeration like pypykatz written in C-Lang
  ☆20Updated 3 years ago
• mdsecactivebreach / SharpAltiris
  ☆25Updated 2 years ago
• boku7 / SCMKit
  Source Code Management Attack Toolkit
  ☆12Updated 2 years ago
• boku7 / LibreHealth-authRCE
  LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …
  ☆13Updated 4 years ago
• tothi / PowerLessShell
  Run PowerShell command without invoking powershell.exe
  ☆35Updated 3 years ago
• ASkyeye / CobaltPatch
  Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…
  ☆40Updated 4 years ago
• DragoQCC / ShellcodeEncryption
  Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…
  ☆15Updated 3 years ago
• jnqpblc / SharpDir
  SharpDir is a simple code set to search both local and remote file systems for files and is compatible with Cobalt Strike.
  ☆27Updated 5 years ago
• Wh04m1001 / PICDumper
  ☆25Updated 3 years ago