Alternatives and similar repositories for BOFs

Users that are interested in BOFs are comparing it to the libraries listed below

• Mav3rick33 / ZenLdr

  View on GitHub
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆101Feb 28, 2023Updated 2 years ago
• GetRektBoy724 / SysGate

  View on GitHub
  One gate to all syscalls!
  ☆23Mar 12, 2022Updated 3 years ago
• matro7sh / bof-collection

  View on GitHub
  collection of beacon object file (Cobalt strike)
  ☆12Jan 21, 2023Updated 3 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated last year
• iilegacyyii / ThreadlessInject-BOF

  View on GitHub
  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…
  ☆394Jan 9, 2024Updated 2 years ago
• Hagrid29 / BOF-CredUI

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt
  ☆23Nov 23, 2022Updated 3 years ago
• EspressoCake / Defender_Exclusions-BOF

  View on GitHub
  A BOF to determine Windows Defender exclusions.
  ☆253Jun 25, 2023Updated 2 years ago
• zimnyaa / stoplooking

  View on GitHub
  A simple BOF that disables some logging with NtSetInformationProcess
  ☆13Oct 13, 2023Updated 2 years ago
• nick-frischkorn / TokenStripBOF

  View on GitHub
  Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process
  ☆47Jun 15, 2022Updated 3 years ago
• NVISOsecurity / CobaltWhispers

  View on GitHub
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…
  ☆243Jan 4, 2023Updated 3 years ago
• jsecu / BOF-pack-1

  View on GitHub
  A care package of useful bofs for red team engagments
  ☆55Dec 6, 2024Updated last year
• mlcsec / ASRenum-BOF

  View on GitHub
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆160Mar 1, 2024Updated last year
• passthehashbrowns / BOFMask

  View on GitHub
  ☆126Jun 28, 2023Updated 2 years ago
• paranoidninja / Proxy-DLL-Loads

  View on GitHub
  The code is a pingback to the Dark Vortex blog:
  ☆187Jan 26, 2023Updated 3 years ago
• xforcered / BOFMask

  View on GitHub
  ☆129Jun 28, 2023Updated 2 years ago
• xpn / WAMBam

  View on GitHub
  Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
  ☆130Jan 14, 2023Updated 3 years ago
• boku7 / xPipe

  View on GitHub
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆93Mar 8, 2023Updated 2 years ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• KingOfTheNOPs / EnableWebDAVClient-BOF

  View on GitHub
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆23Sep 15, 2023Updated 2 years ago
• rkbennett / pybof

  View on GitHub
  Python module for running BOFs
  ☆79Nov 28, 2025Updated 2 months ago
• rad9800 / hwbp4mw

  View on GitHub
  ☆274Jan 14, 2023Updated 3 years ago
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆285Jun 8, 2023Updated 2 years ago
• antroguy / LocklessBof

  View on GitHub
  Lockless BOF
  ☆79May 2, 2025Updated 9 months ago
• CodeXTF2 / ScreenshotBOF

  View on GitHub
  An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…
  ☆490Dec 7, 2025Updated 2 months ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆146May 18, 2024Updated last year
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆321Jul 2, 2023Updated 2 years ago
• OtterHacker / Cerbere

  View on GitHub
  ☆49Feb 11, 2023Updated 3 years ago
• Hagrid29 / BOF-SprayAD

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray
  ☆47Mar 4, 2023Updated 2 years ago
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆271Jul 16, 2022Updated 3 years ago
• boku7 / whereami

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…
  ☆183Mar 13, 2023Updated 2 years ago
• EncodeGroup / BOF-RegSave

  View on GitHub
  Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
  ☆216Oct 8, 2020Updated 5 years ago
• CodeXTF2 / WindowSpy

  View on GitHub
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆281Feb 24, 2025Updated 11 months ago
• EspressoCake / Process_Protection_Level_BOF

  View on GitHub
  ☆61Aug 30, 2021Updated 4 years ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• anthemtotheego / Detect-Hooks

  View on GitHub
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆158Jul 22, 2021Updated 4 years ago
• CodeXTF2 / Burp2Malleable

  View on GitHub
  Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
  ☆418Apr 6, 2023Updated 2 years ago
• okppp990 / phishlets

  View on GitHub
  ☆11Jul 11, 2023Updated 2 years ago
• netero1010 / TrustedPath-UACBypass-BOF

  View on GitHub
  Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
  ☆146Aug 16, 2021Updated 4 years ago
• alfarom256 / BOF-ForeignLsass

  View on GitHub
  ☆101Aug 23, 2021Updated 4 years ago