chryzsh / awesome-bofLinks
π§ The ultimate, community-curated resource for Beacon Object Files (BOFs) β tutorials, how-tos, deep dives, and reference materials.
β68Updated last month
Alternatives and similar repositories for awesome-bof
Users that are interested in awesome-bof are comparing it to the libraries listed below
Sorting:
- ForsHopsβ136Updated 2 months ago
- β111Updated 4 months ago
- Adversary Emulation Frameworkβ108Updated 10 months ago
- AzureAD beacon object filesβ119Updated 5 months ago
- Early Bird Cryo Injections β APC-based DLL & Shellcode Injection via Pre-Frozen Job Objectsβ96Updated last month
- β115Updated 2 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.β91Updated 3 weeks ago
- Construct the payload at runtime using an array of offsetsβ63Updated 11 months ago
- A Mythic agent for Windows written in Cβ123Updated last week
- β164Updated 10 months ago
- β136Updated last month
- Impersonate Tokens using only NTAPI functionsβ73Updated 2 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!β91Updated last month
- β107Updated 2 months ago
- β107Updated 3 months ago
- BOF with Synthetic Stackframeβ147Updated 3 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β73Updated 9 months ago
- A python script that automates a C2 Profile buildβ42Updated 2 months ago
- β180Updated 2 months ago
- .NET assembly loader with patchless AMSI and ETW bypass in Rustβ49Updated 7 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCSβ147Updated 3 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refleβ¦β115Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.β121Updated 8 months ago
- β106Updated 4 months ago
- β125Updated 9 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.β77Updated 3 months ago
- β219Updated 7 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.β165Updated 2 months ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims β¦β82Updated 9 months ago
- β80Updated 10 months ago