frkngksl/NiCOFF external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

frkngksl/NiCOFF

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/frkngksl/NiCOFF)

Close

frkngksl / NiCOFFView on GitHubMore

• External links
• Readme badge

COFF and BOF Loader written in Nim

☆174Apr 4, 2026Updated last month

Alternatives and similar repositories for NiCOFF

Users that are interested in NiCOFF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• frkngksl / NimicStack

  View on GitHub
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆95Apr 4, 2026Updated last month
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Apr 4, 2026Updated last month
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆293Dec 3, 2023Updated 2 years ago
• eversinc33 / BouncyGate

  View on GitHub
  Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
  ☆186Feb 12, 2023Updated 3 years ago
• moloch-- / denim

  View on GitHub
  Automated compiler obfuscation for nim
  ☆137Jun 27, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• S3cur3Th1sSh1t / Nim_DInvoke

  View on GitHub
  D/Invoke implementation in Nim
  ☆100Jun 8, 2022Updated 3 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆236Oct 18, 2022Updated 3 years ago
• byt3bl33d3r / NimDllSideload

  View on GitHub
  DLL sideloading/proxying with Nim!
  ☆173Dec 4, 2022Updated 3 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆150Aug 18, 2022Updated 3 years ago
• oXis / NimWinAPICustom

  View on GitHub
  Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim
  ☆32Jun 2, 2021Updated 4 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• S3cur3Th1sSh1t / Nim_CBT_Shellcode

  View on GitHub
  CallBack-Techniques for Shellcode execution ported to Nim
  ☆61Mar 19, 2021Updated 5 years ago
• klezVirus / NimlineWhispers3

  View on GitHub
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆148Jun 2, 2022Updated 3 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆507Jan 19, 2022Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆148Nov 15, 2023Updated 2 years ago
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆366Mar 2, 2024Updated 2 years ago
• trustedsec / COFFLoader

  View on GitHub
  ☆633Jul 21, 2025Updated 9 months ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• nettitude / RunOF

  View on GitHub
  ☆153Jan 6, 2023Updated 3 years ago
• netero1010 / Quser-BOF

  View on GitHub
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆87Mar 22, 2023Updated 3 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,016Jun 4, 2024Updated last year
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆303Oct 26, 2022Updated 3 years ago
• S3cur3Th1sSh1t / Nim-RunPE

  View on GitHub
  A Nim implementation of reflective PE-Loading from memory
  ☆299Sep 5, 2024Updated last year
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆322Jul 2, 2023Updated 2 years ago
• zimawhit3 / Bitmancer

  View on GitHub
  Nim Library for Offensive Security Development
  ☆202Sep 4, 2023Updated 2 years ago
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆223Nov 5, 2021Updated 4 years ago
• OffenseTeacher / Steganim

  View on GitHub
  ☆46Jun 21, 2023Updated 2 years ago
• rad9800 / TamperingSyscalls

  View on GitHub
  ☆514Aug 14, 2022Updated 3 years ago
• chvancooten / NimPlant

  View on GitHub
  A light-weight first-stage C2 implant written in Nim (and Rust).
  ☆944Mar 2, 2026Updated 2 months ago
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆378May 24, 2022Updated 3 years ago
• S3cur3Th1sSh1t / NimGetSyscallStub

  View on GitHub
  Get fresh Syscalls from a fresh ntdll.dll copy
  ☆235Jan 28, 2022Updated 4 years ago
• adamsvoboda / nim-loader

  View on GitHub
  WIP shellcode loader in nim with EDR evasion techniques
  ☆218Mar 30, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• frkngksl / NimExec

  View on GitHub
  Fileless Command Execution for Lateral Movement in Nim
  ☆393Apr 4, 2026Updated last month
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆535Aug 1, 2022Updated 3 years ago
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆261May 10, 2023Updated 2 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  Remote operations commands implemented using Beacon Object Files
  ☆1,154Mar 5, 2026Updated 2 months ago
• Octoberfest7 / JumpSession_BOF

  View on GitHub
  Beacon Object File allowing creation of Beacons in different sessions.
  ☆84May 23, 2022Updated 3 years ago
• zimawhit3 / HellsGateNim

  View on GitHub
  A quick example of the Hells Gate technique in Nim
  ☆93Aug 11, 2021Updated 4 years ago
• byt3bl33d3r / BOF-Nim

  View on GitHub
  Cobalt Strike BOF Files with Nim!
  ☆86Jul 10, 2022Updated 3 years ago