th3k3ymak3r / minbeaconView external linksLinks
A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
☆27Apr 28, 2022Updated 3 years ago
Alternatives and similar repositories for minbeacon
Users that are interested in minbeacon are comparing it to the libraries listed below
Sorting:
- ☆15Nov 24, 2022Updated 3 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆113Aug 29, 2022Updated 3 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- Automatically parse Malleable C2 profiled into CrossC2 rebinding library source code☆21Feb 13, 2023Updated 3 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Apr 8, 2022Updated 3 years ago
- 高版本Fastjson在Java原生反序列化中的利用演示☆26Jan 12, 2025Updated last year
- BypassCredGuard CS BOF☆49Jan 23, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆183Mar 13, 2023Updated 2 years ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- Beacon compiled using clang☆73Jan 22, 2023Updated 3 years ago
- Aggressor Notification Scripts for cobaltstrike via slack & discord☆14Nov 27, 2025Updated 2 months ago
- DLL Unhooking☆13Mar 26, 2021Updated 4 years ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆44Jun 23, 2022Updated 3 years ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- Dumping LSASS Evaded Endpoint Security Solutions☆18Feb 15, 2025Updated last year
- Detect VM and Hypervisor☆10Jun 16, 2021Updated 4 years ago
- 在原版nps的基础上,增加了nps探测,以及对应的利用方式(如获取cookie,页面等),进行一些简单的二开。未经过大量测试,可能存在bug。☆21Aug 5, 2025Updated 6 months ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- EQGRP: Replicating DarkPulsar, an DLL capable of hooking Security Package Method Tables on the Heap!☆10Oct 11, 2020Updated 5 years ago
- Analyze Windows Systems for common and unique vulnerabilities☆10Jul 6, 2022Updated 3 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent …☆15Apr 8, 2025Updated 10 months ago
- 此文件用于配套“卫界安全-阿呆攻防”中所涉及的代码类文档☆11Apr 26, 2025Updated 9 months ago
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 9 months ago
- A Beacon Object File (BOF) implementation of the 'cat' command☆25Feb 11, 2023Updated 3 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- Cobalt Strike BOF that Add an admin user☆78Oct 11, 2022Updated 3 years ago
- Rust编写的父进程PID欺骗技术测试工具☆53Jan 9, 2023Updated 3 years ago
- bootkit驱动映射,三环进程注入加载指定模块☆14Oct 8, 2024Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Collection of BOFs for Cobalt Strike☆33Mar 28, 2023Updated 2 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- Use COM Component Bypass UAC,Dll Version☆36Apr 17, 2021Updated 4 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago