A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
☆57Apr 14, 2025Updated 11 months ago
Alternatives and similar repositories for FriendlyFireBOF
Users that are interested in FriendlyFireBOF are comparing it to the libraries listed below
Sorting:
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 8 months ago
- An example reference design for a proposed BOF PE☆204Jan 23, 2026Updated last month
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated last year
- rust port of pspy with support for process monitoring over dbus☆37Jan 4, 2026Updated 2 months ago
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- ☆33Jan 23, 2025Updated last year
- ☆50Jun 4, 2025Updated 9 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- List web account manager (WAM) accounts added to the current profile☆24Dec 11, 2025Updated 3 months ago
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- A bunch of shenanigans using functions, VEH and more☆38Jun 8, 2025Updated 9 months ago
- A collection of position independent coding resources☆109Nov 15, 2025Updated 4 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆169Sep 22, 2025Updated 6 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- adws enumeration bof☆169Feb 16, 2026Updated last month
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- Linker for Beacon Object Files☆170Feb 22, 2026Updated last month
- Call Stack Spoofing for Rust☆212Jan 28, 2026Updated last month
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- ☆53Jun 28, 2025Updated 8 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- ☆128Dec 12, 2025Updated 3 months ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated last year
- ☆124May 12, 2021Updated 4 years ago
- 🧠 The ultimate resource for finding Beacon Object Files (BOFs).☆110Updated this week
- ☆48Dec 5, 2025Updated 3 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- BOF with Synthetic Stackframe☆233Oct 30, 2025Updated 4 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆73Nov 11, 2025Updated 4 months ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆60Dec 11, 2024Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago