Alternatives and similar repositories for ScreenShot-BOF

Users that are interested in ScreenShot-BOF are comparing it to the libraries listed below

• baiyies / ScreenshotBOFPlus

  View on GitHub
  Take a screenshot without injection for Cobalt Strike
  ☆203Jun 7, 2023Updated 2 years ago
• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆93Mar 8, 2023Updated 2 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• Like0x / AddDefenderExclusions-BOF

  View on GitHub
  AddDefenderExclusions Beacon Object File
  ☆41Jun 25, 2023Updated 2 years ago
• ausec-it / bof-registry

  View on GitHub
  Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
  ☆31Feb 11, 2021Updated 5 years ago
• knightswd / SamrSearch

  View on GitHub
  SamrSearch can get user info and group info with MS-SAMR.
  ☆15Feb 15, 2022Updated 3 years ago
• ricardojoserf / BOF_Files

  View on GitHub
  Repository to gather the BOF files I will be developing
  ☆11Oct 1, 2024Updated last year
• Octoberfest7 / CVE-2023-36874_BOF

  View on GitHub
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆205Aug 25, 2023Updated 2 years ago
• CodeXTF2 / ScreenshotBOF

  View on GitHub
  An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…
  ☆490Dec 7, 2025Updated 2 months ago
• seventeenman / SelfDel-BOF

  View on GitHub
  Delete file regardless of whether the handle is used via SetFileInformationByHandle
  ☆55Jul 1, 2023Updated 2 years ago
• YOLOP0wn / CheckDrivers

  View on GitHub
  ☆12Sep 13, 2023Updated 2 years ago
• Hagrid29 / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆96Mar 20, 2023Updated 2 years ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆160Mar 27, 2023Updated 2 years ago
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer

  View on GitHub
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆207Apr 29, 2024Updated last year
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 2 years ago
• AgeloVito / adduserbysamr-bof

  View on GitHub
  Cobalt Strike BOF that Add a user to localgroup by samr
  ☆134Nov 30, 2022Updated 3 years ago
• passthehashbrowns / BOFMask

  View on GitHub
  ☆126Jun 28, 2023Updated 2 years ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• b1tg / cobaltstrike-beacon-rust

  View on GitHub
  CobaltStrike beacon in rust
  ☆208Aug 10, 2024Updated last year
• slemire / bof-adopt

  View on GitHub
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆17Jul 22, 2022Updated 3 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆678Oct 23, 2024Updated last year
• EspressoCake / Needle_Sift_BOF

  View on GitHub
  Strstr with user-supplied needle and filename as a BOF.
  ☆32Sep 27, 2021Updated 4 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆671Aug 15, 2025Updated 6 months ago
• netero1010 / TrustedPath-UACBypass-BOF

  View on GitHub
  Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
  ☆146Aug 16, 2021Updated 4 years ago
• MaorSabag / fileSearcher

  View on GitHub
  A simple BOF (Beacon Object File) to search files in the system
  ☆15Dec 2, 2023Updated 2 years ago
• antonioCoco / SspiUacBypass

  View on GitHub
  Bypassing UAC with SSPI Datagram Contexts
  ☆460Sep 24, 2023Updated 2 years ago
• OtterHacker / CoffLoader

  View on GitHub
  ☆60Jan 9, 2023Updated 3 years ago
• jiushill / wmi-hack-py

  View on GitHub
  ☆49May 8, 2023Updated 2 years ago
• ScriptIdiot / sleepmask_ekko_cfg

  View on GitHub
  Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process
  ☆49Mar 15, 2023Updated 2 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• EspressoCake / ReadRemoteProcessCommandline_BOF

  View on GitHub
  ☆29May 10, 2024Updated last year
• netero1010 / Quser-BOF

  View on GitHub
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆87Mar 22, 2023Updated 2 years ago
• wabzsy / gonut

  View on GitHub
  Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
  ☆64Jul 29, 2023Updated 2 years ago
• BronzeTicket / ClipboardWindow-Inject

  View on GitHub
  CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback
  ☆68Sep 15, 2022Updated 3 years ago
• snovvcrash / BOFs

  View on GitHub
  Beacon Object Files (not Buffer Overflows)
  ☆58Mar 6, 2023Updated 2 years ago
• 0x3rhy / BypassCredGuard-BOF

  View on GitHub
  BypassCredGuard CS BOF
  ☆49Jan 23, 2025Updated last year
• iilegacyyii / ThreadlessInject-BOF

  View on GitHub
  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…
  ☆394Jan 9, 2024Updated 2 years ago
• Octoberfest7 / EventViewerUAC_BOF

  View on GitHub
  Beacon Object File implementation of Event Viewer deserialization UAC bypass
  ☆133May 6, 2022Updated 3 years ago
• eladshamir / SharpElevator

  View on GitHub
  SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…
  ☆61Aug 31, 2022Updated 3 years ago