snovvcrash / BOFsLinks
Beacon Object Files (not Buffer Overflows)
☆56Updated 2 years ago
Alternatives and similar repositories for BOFs
Users that are interested in BOFs are comparing it to the libraries listed below
Sorting:
- A VSCode plugin to assist with BOF development.☆37Updated last year
- A care package of useful bofs for red team engagments☆55Updated 8 months ago
- Click Once + App Domain☆63Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆82Updated 3 years ago
- ☆43Updated last year
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆27Updated 4 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- ☆25Updated 3 years ago
- ☆70Updated 3 years ago
- ☆30Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- Python module for running BOFs☆72Updated 2 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆40Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆20Updated 2 years ago
- ☆23Updated 3 years ago
- ☆23Updated last year
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated last year
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆71Updated 4 months ago
- ☆79Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆27Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆84Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆54Updated 3 years ago
- ☆26Updated last year
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆86Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Updated 2 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆49Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year