rvrsh3ll/BOF_Collection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

rvrsh3ll/BOF_Collection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/rvrsh3ll/BOF_Collection)

Close

rvrsh3ll / BOF_CollectionView on GitHubMore

• External links
• Readme badge

Various Cobalt Strike BOFs

☆743Oct 16, 2022Updated 3 years ago

Alternatives and similar repositories for BOF_Collection

Users that are interested in BOF_Collection are comparing it to the libraries listed below

• ajpc500 / BOFs

  View on GitHub
  Collection of Beacon Object Files
  ☆633Nov 1, 2022Updated 3 years ago
• trustedsec / CS-Situational-Awareness-BOF

  View on GitHub
  Situational Awareness commands implemented using Beacon Object Files
  ☆1,722Updated this week
• Yaxser / CobaltStrike-BOF

  View on GitHub
  Collection of beacon BOF written to learn windows and cobaltstrike
  ☆362Feb 24, 2023Updated 3 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  Remote operations commands implemented using Beacon Object Files
  ☆1,120Updated this week
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆771Sep 4, 2024Updated last year
• anthemtotheego / InlineExecute-Assembly

  View on GitHub
  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
  ☆740Jul 22, 2023Updated 2 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆675Aug 15, 2025Updated 6 months ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆482Jul 12, 2023Updated 2 years ago
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,097Apr 19, 2023Updated 2 years ago
• outflanknl / C2-Tool-Collection

  View on GitHub
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,370Oct 27, 2023Updated 2 years ago
• N7WEra / BofAllTheThings

  View on GitHub
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆576Aug 30, 2023Updated 2 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,401Nov 22, 2023Updated 2 years ago
• RedSiege / C2concealer

  View on GitHub
  C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
  ☆1,098Jun 25, 2024Updated last year
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,006Jun 4, 2024Updated last year
• dtmsecurity / bof_helper

  View on GitHub
  Beacon Object File (BOF) Creation Helper
  ☆236May 3, 2022Updated 3 years ago
• m57 / cobaltstrike_bofs

  View on GitHub
  My CobaltStrike BOFS
  ☆167Jul 23, 2022Updated 3 years ago
• Tylous / SourcePoint

  View on GitHub
  SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
  ☆1,201Apr 16, 2025Updated 10 months ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,606Jul 10, 2023Updated 2 years ago
• trustedsec / COFFLoader

  View on GitHub
  ☆615Jul 21, 2025Updated 7 months ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆714Mar 4, 2023Updated 2 years ago
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,163Mar 31, 2021Updated 4 years ago
• 0xthirteen / MoveKit

  View on GitHub
  Cobalt Strike kit for Lateral Movement
  ☆678Feb 21, 2020Updated 6 years ago
• iilegacyyii / ThreadlessInject-BOF

  View on GitHub
  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…
  ☆394Jan 9, 2024Updated 2 years ago
• CodeXTF2 / ScreenshotBOF

  View on GitHub
  An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…
  ☆490Dec 7, 2025Updated 2 months ago
• boku7 / spawn

  View on GitHub
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆470Mar 8, 2023Updated 2 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆434Dec 21, 2023Updated 2 years ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆839Dec 2, 2023Updated 2 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆681Oct 23, 2024Updated last year
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• xx0hcd / Malleable-C2-Profiles

  View on GitHub
  Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.…
  ☆865Oct 28, 2022Updated 3 years ago
• N4kedTurtle / PersistBOF

  View on GitHub
  A BOF to automate common persistence tasks for red teamers
  ☆292Mar 7, 2023Updated 2 years ago
• Octoberfest7 / MemFiles

  View on GitHub
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆473Jul 6, 2024Updated last year
• EspressoCake / Defender_Exclusions-BOF

  View on GitHub
  A BOF to determine Windows Defender exclusions.
  ☆253Jun 25, 2023Updated 2 years ago
• threatexpress / malleable-c2

  View on GitHub
  Cobalt Strike Malleable C2 Design and Reference Guide
  ☆1,750Dec 13, 2023Updated 2 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆282Sep 18, 2021Updated 4 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,298Dec 7, 2023Updated 2 years ago
• threatexpress / random_c2_profile

  View on GitHub
  Cobalt Strike random C2 Profile generator
  ☆685Jan 5, 2023Updated 3 years ago
• RCStep / CSSG

  View on GitHub
  Cobalt Strike Shellcode Generator
  ☆670Jan 8, 2025Updated last year
• outflanknl / InlineWhispers

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
  ☆321Nov 9, 2021Updated 4 years ago