outflanknl / FindObjects-BOF
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.
β266Updated last year
Alternatives and similar repositories for FindObjects-BOF:
Users that are interested in FindObjects-BOF are comparing it to the libraries listed below
- Collection of beacon object files for use with Cobalt Strike to facilitate π.β174Updated 4 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.β215Updated last year
- Remove API hooks from a Beacon process.β268Updated 3 years ago
- Beacon Object File (BOF) Creation Helperβ226Updated 2 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object Fileβ194Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that bβ¦β240Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assemβ¦β189Updated 3 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their typeβ201Updated last year
- New UAC bypass for Silent Cleanup for CobaltStrikeβ191Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that bβ¦β217Updated 3 years ago
- Cobalt Strike Beacon Object Filesβ160Updated 2 years ago
- Collection of beacon BOF written to learn windows and cobaltstrikeβ346Updated 2 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strikeβ262Updated 4 years ago
- Collection of tested Cobaltstrike aggressor scripts.β114Updated 5 years ago
- β148Updated 4 years ago
- Evading WinDefender ATP credential-theftβ254Updated 5 years ago
- My CobaltStrike BOFSβ163Updated 2 years ago
- Example code for using named pipe output with beacon ReflectiveDLLsβ114Updated 4 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.β146Updated 4 years ago
- β112Updated 4 years ago
- Run Rubeus via Rundll32β199Updated 4 years ago
- Executes position independent shellcode from an encrypted zipβ302Updated 4 years ago
- Pass the Hash to a named pipe for token Impersonationβ299Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLLβ¦β171Updated 2 years ago
- Apply a filter to the events being reported by windows event loggingβ261Updated 3 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump inβ¦β262Updated 4 years ago
- Cobalt Strike Aggressor extension for Visual Studio Codeβ127Updated 9 months ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().β215Updated 5 years ago
- Create a minidump of the LSASS process from memoryβ259Updated 2 years ago
- C# version of Powermadβ162Updated last year