☆50Dec 15, 2025Updated 2 months ago
Alternatives and similar repositories for COFFLoader
Users that are interested in COFFLoader are comparing it to the libraries listed below
Sorting:
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- ☆163Apr 25, 2022Updated 3 years ago
- ☆99Sep 20, 2021Updated 4 years ago
- ☆615Jul 21, 2025Updated 7 months ago
- C++ function that will automagically unhook a specified Windows API☆62Oct 14, 2020Updated 5 years ago
- ☆20Mar 21, 2024Updated last year
- A SigFlip implement in golang☆51Jan 5, 2022Updated 4 years ago
- Allow a Go process to dynamically load .NET assemblies☆150Mar 28, 2020Updated 5 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆219Jul 14, 2021Updated 4 years ago
- string/file/shellcode encryptor using AES/XOR☆11Oct 15, 2023Updated 2 years ago
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated last year
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆125May 24, 2022Updated 3 years ago
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Aug 26, 2021Updated 4 years ago
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Aug 19, 2021Updated 4 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 5 years ago
- PoC MSVC COFF Object file loader/injector.☆185Mar 19, 2021Updated 4 years ago
- Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process☆230Jul 30, 2020Updated 5 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- A collection of weird ways to execute unmanaged code in .NET☆172May 4, 2021Updated 4 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆173May 5, 2021Updated 4 years ago
- 寻找可注入进程☆13Jul 16, 2020Updated 5 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆772Sep 4, 2024Updated last year
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆102Jan 7, 2022Updated 4 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆347Jul 21, 2020Updated 5 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato☆12Feb 8, 2020Updated 6 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago