Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM
☆68Dec 25, 2025Updated 4 months ago
Alternatives and similar repositories for cSessionHop
Users that are interested in cSessionHop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CVE-2025-59501 POC code☆26Nov 20, 2025Updated 5 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆192Jan 17, 2026Updated 4 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆154Apr 18, 2025Updated last year
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆134Jan 26, 2026Updated 3 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆96Jan 2, 2026Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A simple Sleepmask BOF example☆173Nov 24, 2025Updated 5 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆171Sep 22, 2025Updated 7 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆101Mar 20, 2023Updated 3 years ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆206Dec 30, 2025Updated 4 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆118Dec 21, 2025Updated 4 months ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆234Nov 6, 2025Updated 6 months ago
- Windows Thread Pool Injection Havoc Implementation☆34Mar 23, 2024Updated 2 years ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 6 months ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆114Jan 26, 2026Updated 3 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 10 months ago
- Lateral Movement Bof with MSI ODBC Driver Install☆149Sep 30, 2025Updated 7 months ago
- External C2 is a specification to allow third-party programs to act as a communication layer for Cobalt Strike’s Beacon payload.☆19Jul 17, 2025Updated 10 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 10 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 9 months ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 9 months ago
- A New Exploitation Technique for Visual Studio Projects☆13Nov 5, 2023Updated 2 years ago
- Reaping treasures from strings in remote processes memory☆287Feb 8, 2025Updated last year
- a BOF implementation of various registry persistence methods☆97Nov 11, 2025Updated 6 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆134Jan 28, 2026Updated 3 months ago
- ☆133Jan 23, 2025Updated last year
- An example reference design for a proposed BOF PE☆206Jan 23, 2026Updated 3 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆111Apr 16, 2026Updated last month
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆141Nov 12, 2025Updated 6 months ago
- ☆82Apr 8, 2026Updated last month
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆103Jan 10, 2026Updated 4 months ago
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆74Oct 22, 2025Updated 6 months ago
- Active Directory Certificate Services (ADCS) enumeration library with BloodHound CE v6 export support☆80Apr 26, 2026Updated 3 weeks ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆114Apr 28, 2026Updated 3 weeks ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- ☆101Sep 1, 2024Updated last year
- ☆50Dec 5, 2025Updated 5 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- One-header configurable C++20 COFF loader☆20Jul 21, 2025Updated 9 months ago
- An Ansible collection that installs an SCCM deployment with optional configurations.☆108Dec 8, 2025Updated 5 months ago