☆48Dec 5, 2025Updated 3 months ago
Alternatives and similar repositories for wambam-bof
Users that are interested in wambam-bof are comparing it to the libraries listed below
Sorting:
- rust port of pspy with support for process monitoring over dbus☆36Jan 4, 2026Updated 2 months ago
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 8 months ago
- Execute shellcode via ASPNET compiler☆62Oct 2, 2025Updated 5 months ago
- ☆138Nov 17, 2025Updated 3 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 5 months ago
- Payload Generation Workflow☆40Jul 18, 2025Updated 7 months ago
- An offensive toolkit for restless guests #DEFCON33☆53Aug 11, 2025Updated 6 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 4 months ago
- Evasive Payload Delivery Server & C2 Redirector☆112Nov 3, 2025Updated 4 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 6 months ago
- ☆96Aug 3, 2025Updated 7 months ago
- ☆50Jun 4, 2025Updated 9 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated last month
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface.☆23Feb 23, 2026Updated last week
- adws enumeration bof☆167Feb 16, 2026Updated 2 weeks ago
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading …☆135Feb 14, 2026Updated 2 weeks ago
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.☆45Jul 6, 2025Updated 7 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- Blog/Journal on how to backdoor VSCode extensions☆76Feb 24, 2026Updated last week
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆128Jan 28, 2026Updated last month
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆185Oct 29, 2025Updated 4 months ago
- Modified version of Pypykatz to print encrypted credentials☆56Dec 26, 2022Updated 3 years ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆63Dec 25, 2025Updated 2 months ago
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- An example reference design for a proposed BOF PE☆200Jan 23, 2026Updated last month
- A Crystal Palace shared library to resolve & perform syscalls☆57Oct 29, 2025Updated 4 months ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆132Sep 4, 2025Updated 6 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆186Jan 17, 2026Updated last month
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆78Jul 25, 2025Updated 7 months ago
- load shellcode without P/D Invoke and VirtualProtect call.☆167Sep 2, 2025Updated 6 months ago
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments☆30Sep 17, 2025Updated 5 months ago
- ☆31Aug 13, 2025Updated 6 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- ☆58Jun 2, 2025Updated 9 months ago