outflanknl / FindObjects-BOF
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.
β267Updated last year
Alternatives and similar repositories for FindObjects-BOF:
Users that are interested in FindObjects-BOF are comparing it to the libraries listed below
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.β215Updated last year
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object Fileβ192Updated 4 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate π.β174Updated 4 years ago
- Remove API hooks from a Beacon process.β268Updated 3 years ago
- Beacon Object File (BOF) Creation Helperβ225Updated 2 years ago
- New UAC bypass for Silent Cleanup for CobaltStrikeβ191Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that bβ¦β238Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assemβ¦β186Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that bβ¦β216Updated 3 years ago
- Collection of beacon BOF written to learn windows and cobaltstrikeβ345Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)β311Updated 3 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strikeβ262Updated 4 years ago
- Cobalt Strike Beacon Object Filesβ160Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonationβ300Updated last year
- C# version of Powermadβ160Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLLβ¦β166Updated last year
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump inβ¦β261Updated 3 years ago
- Example code for using named pipe output with beacon ReflectiveDLLsβ113Updated 4 years ago
- β147Updated 4 years ago
- Run Rubeus via Rundll32β199Updated 4 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their typeβ199Updated 11 months ago
- My CobaltStrike BOFSβ161Updated 2 years ago
- Evading WinDefender ATP credential-theftβ254Updated 5 years ago
- Apply a filter to the events being reported by windows event loggingβ261Updated 3 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.β145Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilegeβ122Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonationβ140Updated 3 years ago
- Collection of tested Cobaltstrike aggressor scripts.β111Updated 4 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strikeβ174Updated 2 years ago
- Executes position independent shellcode from an encrypted zipβ301Updated 4 years ago