chryzsh / awesome-bofLinks
π§ The ultimate, community-curated resource for Beacon Object Files (BOFs) β tutorials, how-tos, deep dives, and reference materials.
β77Updated 2 weeks ago
Alternatives and similar repositories for awesome-bof
Users that are interested in awesome-bof are comparing it to the libraries listed below
Sorting:
- ForsHopsβ141Updated 3 months ago
- β118Updated 4 months ago
- .NET assembly loader with patchless AMSI and ETW bypass in Rustβ51Updated 9 months ago
- AzureAD beacon object filesβ120Updated 7 months ago
- Code execution/injection technique using DLL PEB module structure manipulationβ129Updated last month
- Lateral movement with DCOM DLL hijackingβ120Updated 2 weeks ago
- β113Updated 4 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, pβ¦β70Updated last week
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.β98Updated 2 months ago
- β115Updated 5 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpointsβ101Updated last week
- Impersonate Tokens using only NTAPI functionsβ77Updated 3 months ago
- Adversary Emulation Frameworkβ120Updated 2 weeks ago
- Early Bird Cryo Injections β APC-based DLL & Shellcode Injection via Pre-Frozen Job Objectsβ99Updated 3 months ago
- β111Updated 6 months ago
- A Mythic agent for Windows written in Cβ130Updated 3 weeks ago
- β124Updated 10 months ago
- BOF with Synthetic Stackframeβ156Updated 4 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)β185Updated 5 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCSβ147Updated 5 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to executionβ188Updated 7 months ago
- A Mythic Agent written in PIC C.β192Updated 5 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.β168Updated 4 months ago
- β82Updated 11 months ago
- Weaponizing DCOM for NTLM Authentication Coercionsβ158Updated 2 weeks ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refleβ¦β115Updated last year
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims β¦β84Updated 10 months ago
- A python script that automates a C2 Profile buildβ42Updated 3 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijackingβ262Updated 3 weeks ago
- Stage 0β161Updated 7 months ago