The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
☆23Jun 19, 2025Updated 9 months ago
Alternatives and similar repositories for BofArsenal
Users that are interested in BofArsenal are comparing it to the libraries listed below
Sorting:
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆18Jul 15, 2025Updated 8 months ago
- An example reference design for a proposed BOF PE☆202Jan 23, 2026Updated last month
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 8 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆78Oct 27, 2025Updated 4 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated last year
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆90Updated this week
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆192Feb 11, 2026Updated last month
- Test bench lab for Shellcode Obfuscation☆36Sep 2, 2025Updated 6 months ago
- ☆49Dec 21, 2025Updated 2 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- ☆37Nov 8, 2024Updated last year
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 6 months ago
- 在cobaltstrike中使用的bof工具集,收集整理验证好用的bof。☆17Sep 30, 2021Updated 4 years ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆200Dec 30, 2025Updated 2 months ago
- ☆55May 31, 2025Updated 9 months ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- A cmake template for crystal palace☆39Dec 20, 2025Updated 2 months ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 3 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- A Beacon Object File (BOF) template for Visual Studio☆272Nov 24, 2025Updated 3 months ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Beacon Debugger☆55Oct 28, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆37Aug 5, 2025Updated 7 months ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- A collection of PoCs to do common things in unconventional ways☆121Aug 31, 2025Updated 6 months ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.☆69Nov 15, 2025Updated 4 months ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- ☆125Jun 28, 2023Updated 2 years ago
- A Crystal Palace shared library to resolve & perform syscalls☆58Oct 29, 2025Updated 4 months ago
- Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.☆42Dec 30, 2025Updated 2 months ago
- Lurker is a cross-platform, companion implant to Cobalt Strike built with Go☆33Mar 13, 2026Updated last week