Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by BeichenDream.
☆222Apr 16, 2026Updated 2 weeks ago
Alternatives and similar repositories for GodPotatoBOF
Users that are interested in GodPotatoBOF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- dcsync bof☆52Feb 13, 2026Updated 2 months ago
- ☆38Dec 4, 2025Updated 5 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 6 months ago
- CVE-2025-59501 POC code☆26Nov 20, 2025Updated 5 months ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆78Mar 15, 2026Updated last month
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- ☆50Jun 4, 2025Updated 11 months ago
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation☆125Mar 27, 2026Updated last month
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- ☆139Nov 17, 2025Updated 5 months ago
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆173Jan 12, 2026Updated 3 months ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆128Jan 29, 2026Updated 3 months ago
- abusing windows toast notifications for fun and user manipulation☆100Mar 20, 2026Updated last month
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆156Nov 23, 2025Updated 5 months ago
- Phantom is project created to perform loading and executing unmanaged code in memory within an IIS environment running in full‑trust mode…☆103Apr 27, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Project for generating and identifying deceptive LNK files.☆331Mar 8, 2026Updated last month
- LPE / RCE Exploits for various vulnerable "Bloatware" products☆87Aug 5, 2025Updated 8 months ago
- adws enumeration bof☆170Feb 16, 2026Updated 2 months ago
- A BOF to enumerate system process, their protection levels, and more.☆126Nov 27, 2024Updated last year
- BOF to decrypt Signal Desktop chat logs☆70Feb 20, 2025Updated last year
- Tool for Active Directory Certificate Services enumeration and abuse☆16Mar 20, 2025Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 4 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 8 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆102Jan 10, 2026Updated 3 months ago
- C2-agnostic BOF collection, categorized by attack chain phase. Designed to be small and modular, allowing for quick execution and automat…☆291Apr 26, 2026Updated last week
- The Azure Execution Tool☆155Feb 6, 2026Updated 2 months ago
- ☆19Sep 1, 2025Updated 8 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- ☆52May 4, 2025Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆160Mar 26, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 7 months ago
- Lateral Movement Bof with MSI ODBC Driver Install☆149Sep 30, 2025Updated 7 months ago
- wspcoerce coerces a Windows computer account via SMB to an arbitrary target using MS-WSP☆139Nov 24, 2025Updated 5 months ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆350Nov 19, 2024Updated last year
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆150Apr 15, 2026Updated 2 weeks ago
- Modified versions of the Cobalt Strike Process Injection Kit☆109Jan 24, 2024Updated 2 years ago