Alternatives and similar repositories for bof-adopt

Users that are interested in bof-adopt are comparing it to the libraries listed below

• zimnyaa / stoplooking

  View on GitHub
  A simple BOF that disables some logging with NtSetInformationProcess
  ☆13Oct 13, 2023Updated 2 years ago
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 2 years ago
• carlnykvist / Timestamp_BOF

  View on GitHub
  ☆17Aug 25, 2022Updated 3 years ago
• hfiref0x / RpcView

  View on GitHub
  (This is a fork used primarily to submit patches into upstream repository) RpcView is a free tool to explore and decompile Microsoft RPC …
  ☆19May 27, 2023Updated 2 years ago
• x0reaxeax / SilentWrite

  View on GitHub
  PoC arbitrary WPM without a process handle
  ☆21Jul 22, 2023Updated 2 years ago
• Mr-Un1k0d3r / MsGraphFunzy

  View on GitHub
  Scripts to interact with Microsoft Graph APIs
  ☆44Nov 7, 2024Updated last year
• dmcxblue / AzureStrike

  View on GitHub
  An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations
  ☆61Aug 18, 2025Updated 5 months ago
• 0x3rhy / BypassCredGuard-BOF

  View on GitHub
  BypassCredGuard CS BOF
  ☆49Jan 23, 2025Updated last year
• KingOfTheNOPs / EnableWebDAVClient-BOF

  View on GitHub
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆23Sep 15, 2023Updated 2 years ago
• T0ngF0ngnie / DInvokeFrp

  View on GitHub
  内存加载FRP
  ☆10Sep 11, 2023Updated 2 years ago
• FalconForceTeam / bof-winrm-plugin-jump

  View on GitHub
  ☆33Jan 23, 2025Updated last year
• draktuls / IAF-EAF-Shellcode-bypass-PoC

  View on GitHub
  Shellcode capable of bypassing EAF / IAF mitigations
  ☆28Apr 11, 2023Updated 2 years ago
• Hagrid29 / BOF-CredUI

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt
  ☆23Nov 23, 2022Updated 3 years ago
• dobin / ShellcodeObfuscationLab

  View on GitHub
  Test bench lab for Shellcode Obfuscation
  ☆34Sep 2, 2025Updated 5 months ago
• 0xJs / AzurePowerCommands

  View on GitHub
  Extra cmdlets to help with quering security related information from Azure
  ☆14Sep 16, 2024Updated last year
• zha0 / DarkPulsar

  View on GitHub
  EQGRP: Replicating DarkPulsar, an DLL capable of hooking Security Package Method Tables on the Heap!
  ☆10Oct 11, 2020Updated 5 years ago
• matro7sh / bof-collection

  View on GitHub
  collection of beacon object file (Cobalt strike)
  ☆12Jan 21, 2023Updated 3 years ago
• thiagomayllart / DarkMelkor

  View on GitHub
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆28Sep 8, 2021Updated 4 years ago
• 9bie / BOFRunPortable

  View on GitHub
  BOF内存运行exe
  ☆30Jun 19, 2023Updated 2 years ago
• LaresLLC / SuperSharpShares

  View on GitHub
  SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your a…
  ☆75May 3, 2024Updated last year
• nick-frischkorn / SuspendEventLogBOF

  View on GitHub
  Beacon Object File to locate and suspend the threads hosting the Event Log service
  ☆29Jun 17, 2022Updated 3 years ago
• zero2504 / FrostLock-Injection

  View on GitHub
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆43Apr 6, 2025Updated 10 months ago
• cybersectroll / TrollRPC

  View on GitHub
  ☆50Jul 9, 2025Updated 7 months ago
• YossiSassi / Invoke-AdminSDHolderPermissionCheck

  View on GitHub
  Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent …
  ☆15Apr 8, 2025Updated 10 months ago
• ricardojoserf / BOF_Files

  View on GitHub
  Repository to gather the BOF files I will be developing
  ☆11Oct 1, 2024Updated last year
• qwqdanchun / ScreenShot-BOF

  View on GitHub
  ☆41Jul 10, 2023Updated 2 years ago
• EvilBytecode / Eset-Unload

  View on GitHub
  Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …
  ☆12Apr 21, 2025Updated 9 months ago
• timwhitez / memmod

  View on GitHub
  Fork & modify of Wireguard's Memmod
  ☆33Aug 2, 2023Updated 2 years ago
• trieck / comexplore

  View on GitHub
  A Windows C++ OLE/COM Object explorer written in WTL.
  ☆16Feb 28, 2025Updated 11 months ago
• 0x3rhy / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆13Feb 4, 2024Updated 2 years ago
• Iansus / SilentLsassDump

  View on GitHub
  VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump
  ☆24Jul 6, 2023Updated 2 years ago
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• NocteDefensor / SCCMDecryptor-BOF

  View on GitHub
  ☆51Jun 28, 2025Updated 7 months ago
• typeconfused / windows-ps-callbacks-experiments

  View on GitHub
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆12Jan 1, 2023Updated 3 years ago
• zha0 / BloodyAv

  View on GitHub
  BloodyAv is Custom Shell Code loader to Bypass Av and Edr.
  ☆14Mar 21, 2022Updated 3 years ago
• fastlorenzo / redelk-kibana-app

  View on GitHub
  Kibana app for RedELK
  ☆18Mar 19, 2023Updated 2 years ago
• rasta-mouse / ExternalC2.NET

  View on GitHub
  .NET implementation of Cobalt Strike's External C2 Spec
  ☆89Nov 12, 2021Updated 4 years ago
• GhostManager / cobalt_sync

  View on GitHub
  Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+
  ☆36Dec 1, 2025Updated 2 months ago
• ToweringDragoon / SACL_Scanner

  View on GitHub
  SACL Scanner is a tool designed to scan and analyze SACLs.
  ☆50Feb 13, 2025Updated last year