cube0x0/BofRoast

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cube0x0/BofRoast)

cube0x0 / BofRoast

Beacon Object Files for roasting Active Directory

☆235

Alternatives and similar repositories for BofRoast

Users that are interested in BofRoast are comparing it to the libraries listed below

Sorting:

EspressoCake / PPLDump_BOF
View on GitHub
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
☆143Sep 24, 2021Updated 4 years ago
cube0x0 / LdapSignCheck
View on GitHub
Beacon Object File & C# project to check LDAP signing
☆199Aug 7, 2024Updated last year
outflanknl / FindObjects-BOF
View on GitHub
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
☆275May 3, 2023Updated 2 years ago
guervild / BOFs
View on GitHub
Cobalt Strike Beacon Object Files
☆167May 2, 2022Updated 3 years ago
connormcgarr / tgtdelegation
View on GitHub
tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
☆178Nov 26, 2021Updated 4 years ago
Henkru / cs-token-vault
View on GitHub
In-memory token vault BOF for Cobalt Strike
☆149Aug 18, 2022Updated 3 years ago
netero1010 / Quser-BOF
View on GitHub
Cobalt Strike BOF for quser.exe implementation using Windows API
☆87Mar 22, 2023Updated 2 years ago
EspressoCake / Defender_Exclusions-BOF
View on GitHub
A BOF to determine Windows Defender exclusions.
☆253Jun 25, 2023Updated 2 years ago
ajpc500 / BOFs
View on GitHub
Collection of Beacon Object Files
☆633Nov 1, 2022Updated 3 years ago
Cracked5pider / CoffeeLdr
View on GitHub
Beacon Object File Loader
☆293Dec 3, 2023Updated 2 years ago
Crypt0s / DelegationBOF
View on GitHub
☆142May 4, 2022Updated 3 years ago
nettitude / RunOF
View on GitHub
☆153Jan 6, 2023Updated 3 years ago
Sh0ckFR / InlineWhispers2
View on GitHub
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
☆186Jul 21, 2022Updated 3 years ago
rsmudge / unhook-bof
View on GitHub
Remove API hooks from a Beacon process.
☆282Sep 18, 2021Updated 4 years ago
netero1010 / TrustedPath-UACBypass-BOF
View on GitHub
Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
☆146Aug 16, 2021Updated 4 years ago
wavvs / nanorobeus
View on GitHub
COFF file (BOF) for managing Kerberos tickets.
☆320Jul 2, 2023Updated 2 years ago
MartinIngesen / TokenStomp
View on GitHub
C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
☆144Feb 23, 2022Updated 4 years ago
Octoberfest7 / EventViewerUAC_BOF
View on GitHub
Beacon Object File implementation of Event Viewer deserialization UAC bypass
☆133May 6, 2022Updated 3 years ago
boku7 / xPipe
View on GitHub
Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
☆94Mar 8, 2023Updated 2 years ago
EncodeGroup / BOF-RegSave
View on GitHub
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
☆216Oct 8, 2020Updated 5 years ago
alfarom256 / BOF-ForeignLsass
View on GitHub
☆101Aug 23, 2021Updated 4 years ago
REDMED-X / OperatorsKit
View on GitHub
Collection of Beacon Object Files (BOF) for Cobalt Strike
☆675Aug 15, 2025Updated 6 months ago
trustedsec / CS-Remote-OPs-BOF
View on GitHub
Remote operations commands implemented using Beacon Object Files
☆1,120Feb 23, 2026Updated last week
Cobalt-Strike / beacon_health_check
View on GitHub
This aggressor script uses a beacon's note field to indicate the health status of a beacon.
☆141Sep 29, 2021Updated 4 years ago
N7WEra / BofAllTheThings
View on GitHub
Creating a repository with all public Beacon Object Files (BoFs)
☆577Aug 30, 2023Updated 2 years ago
EspressoCake / DLL-Exports-Extraction-BOF
View on GitHub
DLL Exports Extraction BOF with optional NTFS transactions.
☆90Nov 5, 2021Updated 4 years ago
anthemtotheego / CredBandit
View on GitHub
Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
☆219Jul 14, 2021Updated 4 years ago
boku7 / spawn
View on GitHub
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
☆469Mar 8, 2023Updated 2 years ago
FalconForceTeam / BOF2shellcode
View on GitHub
POC tool to convert CobaltStrike BOF files to raw shellcode
☆220Nov 5, 2021Updated 4 years ago
fortalice / bofhound
View on GitHub
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
☆387Feb 23, 2024Updated 2 years ago
Allevon412 / TeamsImplant
View on GitHub
☆208Feb 24, 2022Updated 4 years ago
mlcsec / ASRenum-BOF
View on GitHub
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
☆160Mar 1, 2024Updated 2 years ago
WKL-Sec / dcomhijack
View on GitHub
Lateral Movement Using DCOM and DLL Hijacking
☆325Jun 18, 2023Updated 2 years ago
anthemtotheego / InlineExecute-Assembly
View on GitHub
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
☆740Jul 22, 2023Updated 2 years ago
jsecu / CredManBOF
View on GitHub
☆99Sep 20, 2021Updated 4 years ago
frkngksl / NiCOFF
View on GitHub
COFF and BOF Loader written in Nim
☆175Aug 1, 2022Updated 3 years ago
FuzzySecurity / StandIn
View on GitHub
StandIn is a small .NET35/45 AD post-exploitation toolkit
☆839Dec 2, 2023Updated 2 years ago
S4ntiagoP / freeBokuLoader
View on GitHub
A simple BOF that frees UDRLs
☆122May 29, 2022Updated 3 years ago
CCob / BOF.NET
View on GitHub
A .NET Runtime for Cobalt Strike's Beacon Object Files
☆772Sep 4, 2024Updated last year