sliverarmory/COFFLoader external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sliverarmory/COFFLoader

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sliverarmory/COFFLoader)

Close

sliverarmory / COFFLoaderView on GitHubMore

• External links
• Readme badge

☆50Dec 15, 2025Updated 4 months ago

Alternatives and similar repositories for COFFLoader

Users that are interested in COFFLoader are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mobdk / VBA-DLL-WMI-EXECUTION

  View on GitHub
  Call your own DLL from VBA and execute code under process svchost.exe with WMI
  ☆12Mar 6, 2020Updated 6 years ago
• Ridter / SharpAddDomainMachine

  View on GitHub
  SharpAddDomainMachine
  ☆69Oct 12, 2021Updated 4 years ago
• clod81 / loader_process_hollow_copy_in_chunk

  View on GitHub
  About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once
  ☆13Jul 14, 2022Updated 3 years ago
• NoOne-hub / bypass-BeaconEye

  View on GitHub
  bypass BeaconEye
  ☆89Sep 9, 2021Updated 4 years ago
• RedLectroid / APIunhooker

  View on GitHub
  C++ function that will automagically unhook a specified Windows API
  ☆62Oct 14, 2020Updated 5 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• rsmudge / ZeroLogon-BOF

  View on GitHub
  ☆164Apr 25, 2022Updated 4 years ago
• lesnuages / go-execute-assembly

  View on GitHub
  Allow a Go process to dynamically load .NET assemblies
  ☆148Mar 28, 2020Updated 6 years ago
• akkuman / gSigFlip

  View on GitHub
  A SigFlip implement in golang
  ☆52Jan 5, 2022Updated 4 years ago
• trustedsec / COFFLoader

  View on GitHub
  ☆631Jul 21, 2025Updated 9 months ago
• o1mate / DLLProx

  View on GitHub
  Automatic DLL comment link generation and explaination of the DLL Proxying techniques
  ☆10Aug 19, 2021Updated 4 years ago
• jsecu / CredManBOF

  View on GitHub
  ☆100Sep 20, 2021Updated 4 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher

  View on GitHub
  Universal Unhooking
  ☆326Sep 19, 2018Updated 7 years ago
• Yaxser / COFFLoader2

  View on GitHub
  Load and execute COFF files and Cobalt Strike BOFs in-memory
  ☆226Sep 13, 2022Updated 3 years ago
• JamesCooteUK / BOFs

  View on GitHub
  Collection of BOFs for Cobalt Strike
  ☆32Mar 28, 2023Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• GetRektBoy724 / SharpLoadLibrary

  View on GitHub
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆55Mar 3, 2022Updated 4 years ago
• arimaqz / strfile-encryptor

  View on GitHub
  string/file/shellcode encryptor using AES/XOR
  ☆11Oct 15, 2023Updated 2 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆220Jul 14, 2021Updated 4 years ago
• FalconForceTeam / SysWhispers2BOF

  View on GitHub
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆125May 24, 2022Updated 3 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆293Dec 3, 2023Updated 2 years ago
• D00MFist / Go4aRun

  View on GitHub
  Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
  ☆230Jul 30, 2020Updated 5 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆507Jan 19, 2022Updated 4 years ago
• idiotc4t / ReflectiveBase64DLL

  View on GitHub
  This is a project to receive Base64 data and decode it in process
  ☆15Mar 16, 2020Updated 6 years ago
• Ne0nd0g / go-coff

  View on GitHub
  Load and execute a common object file format (COFF) in the current process
  ☆31Mar 9, 2024Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• mobdk / Upsilon

  View on GitHub
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Aug 26, 2021Updated 4 years ago
• EspressoCake / DLL_Version_Enumeration_BOF

  View on GitHub
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆16Nov 23, 2021Updated 4 years ago
• hausec / CobaltStrikeToGhostWriter

  View on GitHub
  Log converter from CS log to Ghostwriter CSV
  ☆31Nov 23, 2020Updated 5 years ago
• FuzzySecurity / AdvSim.Cryptography

  View on GitHub
  Simple and sane cryptographic wrapper library.
  ☆33Apr 21, 2023Updated 3 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated 2 years ago
• alfarom256 / BOF-ForeignLsass

  View on GitHub
  ☆101Aug 23, 2021Updated 4 years ago
• b4rtik / metasploit-execute-assembly

  View on GitHub
  Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
  ☆346Jul 21, 2020Updated 5 years ago
• Moriarty2016 / NimRDI

  View on GitHub
  RDI implementation in Nim
  ☆64Dec 12, 2020Updated 5 years ago
• xpn / NautilusProject

  View on GitHub
  A collection of weird ways to execute unmanaged code in .NET
  ☆173May 4, 2021Updated 5 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• nettitude / RunOF

  View on GitHub
  ☆153Jan 6, 2023Updated 3 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• 0xpat / COFFInjector

  View on GitHub
  PoC MSVC COFF Object file loader/injector.
  ☆187Mar 19, 2021Updated 5 years ago
• Flangvik / RegPwnBOF

  View on GitHub
  Bof of RegPwn by MDSec
  ☆118Mar 15, 2026Updated last month
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆779Sep 4, 2024Updated last year
• timwhitez / Doge-COFFLdr

  View on GitHub
  Its a coff loader ported to go( Modified by TimWhite )
  ☆26Jul 17, 2023Updated 2 years ago
• EvanMcBroom / fuse-loader

  View on GitHub
  Load a dynamic library from memory using a fuse mount
  ☆32Sep 15, 2023Updated 2 years ago