typeconfused/windows-ps-callbacks-experiments external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

typeconfused/windows-ps-callbacks-experiments

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/typeconfused/windows-ps-callbacks-experiments)

Close

typeconfused / windows-ps-callbacks-experimentsView on GitHubMore

• External links
• Readme badge

Files for http://blog.deniable.org/posts/windows-callbacks/

☆12Jan 1, 2023Updated 3 years ago

Alternatives and similar repositories for windows-ps-callbacks-experiments

Users that are interested in windows-ps-callbacks-experiments are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• EvanMcBroom / sleepy

  View on GitHub
  A lexer and parser for Sleep
  ☆20Feb 20, 2026Updated last month
• Und3rf10w / CobaltStrikeBOFs

  View on GitHub
  Beacon Object Files used for Cobalt Strike
  ☆19Jul 18, 2023Updated 2 years ago
• boku7 / halosgate-ps

  View on GitHub
  Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes
  ☆107Mar 8, 2023Updated 3 years ago
• Cobalt-Strike / obfuscator-llvm

  View on GitHub
  ☆57Jan 15, 2024Updated 2 years ago
• slemire / bof-adopt

  View on GitHub
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆17Jul 22, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆19Jul 21, 2025Updated 8 months ago
• Cobalt-Strike / sleepmask-vs

  View on GitHub
  A simple Sleepmask BOF example
  ☆173Nov 24, 2025Updated 4 months ago
• Cobaltlad / LSA_reg2PDF

  View on GitHub
  Dumping LSA secrets: a story about task decorrelation
  ☆14Jul 9, 2024Updated last year
• vatsalgupta67 / Process-Hollowing

  View on GitHub
  Red Team Operation's Defense Evasion Technique.
  ☆56Jun 4, 2024Updated last year
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated last year
• xforcered / Agent-Development-Stack

  View on GitHub
  Backend development stack for agents
  ☆29Jul 30, 2025Updated 8 months ago
• Hypnoze57 / SharpHound4Cobalt

  View on GitHub
  C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
  ☆59Apr 13, 2023Updated 2 years ago
• MythicAgents / forge

  View on GitHub
  Command Augmentation support for BOFs and .NET assemblies across agents
  ☆42Mar 17, 2026Updated 3 weeks ago
• thefLink / Hunt-Weird-Syscalls

  View on GitHub
  ETW based POC to identify direct and indirect syscalls
  ☆189Apr 19, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• NVISOsecurity / cs2br-bof

  View on GitHub
  Run Cobalt Strike BOFs in Brute Ratel C4!
  ☆86Apr 15, 2025Updated 11 months ago
• melotic / nanostorm

  View on GitHub
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆21Dec 15, 2024Updated last year
• passthehashbrowns / BOFMask

  View on GitHub
  ☆131Jun 28, 2023Updated 2 years ago
• Adepts-Of-0xCC / SnoopyOwl

  View on GitHub
  ☆49May 12, 2021Updated 4 years ago
• xforcered / MLOKit

  View on GitHub
  MLOps Attack Toolkit
  ☆31Aug 25, 2025Updated 7 months ago
• securedglobe / PersistantService

  View on GitHub
  A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executab…
  ☆37Sep 28, 2023Updated 2 years ago
• mkmk435 / Zone

  View on GitHub
  ☆17Sep 17, 2025Updated 6 months ago
• bolonobolo / av_evasion

  View on GitHub
  ☆22Aug 11, 2021Updated 4 years ago
• EspressoCake / DLL_Imports_BOF

  View on GitHub
  A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.
  ☆86Oct 28, 2021Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• ausec-it / bof-registry

  View on GitHub
  Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
  ☆31Feb 11, 2021Updated 5 years ago
• Kudaes / EPI

  View on GitHub
  Threadless Process Injection through entry point hijacking
  ☆352Sep 10, 2024Updated last year
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer

  View on GitHub
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆207Apr 29, 2024Updated last year
• iilegacyyii / ThreadlessInject-BOF

  View on GitHub
  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…
  ☆395Jan 9, 2024Updated 2 years ago
• senko37 / createprocessnotify-hook

  View on GitHub
  PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook
  ☆13May 30, 2024Updated last year
• bitdefender / hypervinject-poc

  View on GitHub
  ☆59Feb 19, 2026Updated last month
• ProcessusT / PsNotifRoutineUnloader

  View on GitHub
  This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…
  ☆63Feb 11, 2024Updated 2 years ago
• XTeam-Wing / WingKit

  View on GitHub
  CobaltStrike Extentions
  ☆40Oct 24, 2021Updated 4 years ago
• chryzsh / docker-cobaltstrike

  View on GitHub
  ☆26Mar 24, 2026Updated 2 weeks ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• mitchmoser / SharpLDAPSearch

  View on GitHub
  C# .NET Assembly to perform LDAP Queries
  ☆27Apr 1, 2021Updated 5 years ago
• SlimeOnSecurity / PrintSpoofer-BOF

  View on GitHub
  ☆52May 4, 2025Updated 11 months ago
• atabetnouhaila / API-hashing

  View on GitHub
  ☆18Jan 14, 2026Updated 2 months ago
• hackerhouse-opensource / Gigabyte_ElevatePersist

  View on GitHub
  Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…
  ☆34Feb 2, 2026Updated 2 months ago
• chryzsh / chryzsh.github.io

  View on GitHub
  Windows stuff
  ☆16Feb 5, 2020Updated 6 years ago
• melotic / rekk

  View on GitHub
  rekk is set of tools written in Rust to obfuscate ELF & PE executables with nanomites.
  ☆32Dec 15, 2024Updated last year
• Libraggbond / EventViewerBypassUacBof

  View on GitHub
  EventViewer Bypass Uac Bof
  ☆23Jul 23, 2022Updated 3 years ago