snovvcrash / BOFsLinks
Beacon Object Files (not Buffer Overflows)
☆56Updated 2 years ago
Alternatives and similar repositories for BOFs
Users that are interested in BOFs are comparing it to the libraries listed below
Sorting:
- A care package of useful bofs for red team engagments☆55Updated 9 months ago
- A VSCode plugin to assist with BOF development.☆37Updated last year
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆83Updated 3 years ago
- ☆43Updated last year
- ☆31Updated 2 years ago
- Click Once + App Domain☆63Updated last year
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆40Updated 2 years ago
- ☆25Updated 3 years ago
- ☆70Updated 3 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆27Updated 4 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Updated 2 years ago
- .NET project for installing Persistence☆63Updated 3 years ago
- Python module for running BOFs☆72Updated 2 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- ☆79Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆87Updated 3 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆21Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆85Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆102Updated 2 years ago
- ☆47Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆62Updated last year
- Beacon Object File allowing creation of Beacons in different sessions.☆80Updated 3 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆62Updated 3 years ago