parzel / GoBofRunnerLinks
A BOF/COFF loader implemented in Go and CGO.
☆22Updated last year
Alternatives and similar repositories for GoBofRunner
Users that are interested in GoBofRunner are comparing it to the libraries listed below
Sorting:
- Self Cleanup in post-ex job☆59Updated last year
- Rust 重构的 sRDI☆15Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆53Updated 2 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆53Updated 2 years ago
- ☆42Updated last year
- Silently Install Chrome Extension For Persistence☆92Updated last year
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- A Simple PoC☆21Updated last year
- Help red teams find opsec processes during engagements☆42Updated 9 months ago
- ☆24Updated 5 months ago
- AddDefenderExclusions Beacon Object File☆40Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆55Updated last year
- A little tool to play with Windows security☆12Updated 2 months ago
- 一个demo☆24Updated last year
- ☆15Updated last year
- 一个普通的BOF用来BypassUAC☆22Updated last year
- kill AV/EDR☆22Updated 2 years ago
- RawCopy - Golang implementation☆24Updated 2 years ago
- A BOF to create a scheduled task using a COM object.☆13Updated 10 months ago
- Its a coff loader ported to go( Modified by TimWhite )☆27Updated 2 years ago
- ☆27Updated 2 years ago
- ☆19Updated 3 years ago
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Updated last year
- load assembly executable file in memory☆41Updated 2 years ago
- ☆19Updated 3 years ago
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆26Updated last year
- ☆31Updated last year
- Beacon compiled using clang☆71Updated 2 years ago
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆59Updated 2 years ago
- Fork & modify of Wireguard's Memmod☆33Updated 2 years ago