frkngksl/NiCOFF external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

frkngksl/NiCOFF

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/frkngksl/NiCOFF)

Close

frkngksl / NiCOFFView on GitHubMore

• External links
• Readme badge

COFF and BOF Loader written in Nim

☆176Apr 4, 2026Updated 2 months ago

Alternatives and similar repositories for NiCOFF

Users that are interested in NiCOFF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• frkngksl / NimicStack

  View on GitHub
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆95Apr 4, 2026Updated 2 months ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆125Apr 4, 2026Updated 2 months ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆296Dec 3, 2023Updated 2 years ago
• eversinc33 / BouncyGate

  View on GitHub
  Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
  ☆186Feb 12, 2023Updated 3 years ago
• moloch-- / denim

  View on GitHub
  Automated compiler obfuscation for nim
  ☆136Jun 27, 2022Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• S3cur3Th1sSh1t / Nim_DInvoke

  View on GitHub
  D/Invoke implementation in Nim
  ☆101Jun 8, 2022Updated 4 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆234Oct 18, 2022Updated 3 years ago
• byt3bl33d3r / NimDllSideload

  View on GitHub
  DLL sideloading/proxying with Nim!
  ☆175Dec 4, 2022Updated 3 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• oXis / NimWinAPICustom

  View on GitHub
  Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim
  ☆33Jun 2, 2021Updated 5 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆123May 29, 2022Updated 4 years ago
• S3cur3Th1sSh1t / Nim_CBT_Shellcode

  View on GitHub
  CallBack-Techniques for Shellcode execution ported to Nim
  ☆61Mar 19, 2021Updated 5 years ago
• klezVirus / NimlineWhispers3

  View on GitHub
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆148Jun 2, 2022Updated 4 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆506Jan 19, 2022Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆147Nov 15, 2023Updated 2 years ago
• memN0ps / venom-rs

  View on GitHub
  Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
  ☆367Mar 2, 2024Updated 2 years ago
• trustedsec / COFFLoader

  View on GitHub
  ☆640Jul 21, 2025Updated 10 months ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• nettitude / RunOF

  View on GitHub
  ☆153Jan 6, 2023Updated 3 years ago
• netero1010 / Quser-BOF

  View on GitHub
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆87Mar 22, 2023Updated 3 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,018Jun 4, 2024Updated 2 years ago
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆302Oct 26, 2022Updated 3 years ago
• S3cur3Th1sSh1t / Nim-RunPE

  View on GitHub
  A Nim implementation of reflective PE-Loading from memory
  ☆298Sep 5, 2024Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆326Jul 2, 2023Updated 2 years ago
• zimawhit3 / Bitmancer

  View on GitHub
  Nim Library for Offensive Security Development
  ☆200Sep 4, 2023Updated 2 years ago
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆220Nov 5, 2021Updated 4 years ago
• OffenseTeacher / Steganim

  View on GitHub
  ☆46Jun 21, 2023Updated 2 years ago
• rad9800 / TamperingSyscalls

  View on GitHub
  ☆513Aug 14, 2022Updated 3 years ago
• chvancooten / NimPlant

  View on GitHub
  A light-weight first-stage C2 implant written in Nim (and Rust).
  ☆947Mar 2, 2026Updated 3 months ago
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆377May 24, 2022Updated 4 years ago
• S3cur3Th1sSh1t / NimGetSyscallStub

  View on GitHub
  Get fresh Syscalls from a fresh ntdll.dll copy
  ☆233Jan 28, 2022Updated 4 years ago
• adamsvoboda / nim-loader

  View on GitHub
  WIP shellcode loader in nim with EDR evasion techniques
  ☆218Mar 30, 2022Updated 4 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• frkngksl / NimExec

  View on GitHub
  Fileless Command Execution for Lateral Movement in Nim
  ☆395Apr 4, 2026Updated 2 months ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆537Aug 1, 2022Updated 3 years ago
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆262May 10, 2023Updated 3 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  Remote operations commands implemented using Beacon Object Files
  ☆1,166Mar 5, 2026Updated 3 months ago
• Octoberfest7 / JumpSession_BOF

  View on GitHub
  Beacon Object File allowing creation of Beacons in different sessions.
  ☆84May 23, 2022Updated 4 years ago
• zimawhit3 / HellsGateNim

  View on GitHub
  A quick example of the Hells Gate technique in Nim
  ☆92Aug 11, 2021Updated 4 years ago
• byt3bl33d3r / BOF-Nim

  View on GitHub
  Cobalt Strike BOF Files with Nim!
  ☆85Jul 10, 2022Updated 3 years ago