jsecu / BOF-pack-1
A care package of useful bofs for red team engagments
☆54Updated 3 months ago
Alternatives and similar repositories for BOF-pack-1:
Users that are interested in BOF-pack-1 are comparing it to the libraries listed below
- Beacon Object Files (not Buffer Overflows)☆53Updated 2 years ago
- Click Once + App Domain☆61Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆82Updated 3 years ago
- Simple .NET loader for loading and executing Powershell payloads☆16Updated 3 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆63Updated 2 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆49Updated last year
- ☆62Updated 2 years ago
- ☆57Updated 3 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆54Updated 3 years ago
- Rewrite to fit my needs☆27Updated 8 months ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- Lateral Movement via the .NET Profiler☆79Updated 4 months ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆83Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 8 months ago
- ☆43Updated last year
- Bunch of BOF files☆30Updated 3 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Updated 2 years ago
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆93Updated last year
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆22Updated 2 years ago
- Lockless BOF☆70Updated last month
- A VSCode devcontainer for development of COFF files with batteries included.☆47Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- Python module for running BOFs☆69Updated last year
- ☆48Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆51Updated 2 years ago
- ☆22Updated 3 years ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆81Updated 2 months ago