xpn / WAMBam

Related projects ⓘ

Alternatives and complementary repositories for WAMBam

• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆86Updated 2 years ago
• nettitude / RunOF
  ☆139Updated last year
• morRubin / NegoExRelay
  ☆83Updated 2 years ago
• antroguy / LocklessBof
  Lockless BOF
  ☆62Updated 9 months ago
• EspressoCake / Firewall_Walker_BOF
  A BOF to interact with COM objects associated with the Windows software firewall.
  ☆100Updated 3 years ago
• RiccardoAncarani / BOFs
  Collection of Beacon Object Files (BOFs) for shells and lols
  ☆112Updated 3 years ago
• zimnyaa / noWatch
  Implant drop-in for EDR testing
  ☆128Updated last year
• williamknows / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆59Updated last month
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆76Updated 5 months ago
• apokryptein / secinject
  Section Mapping Process Injection (secinject): Cobalt Strike BOF
  ☆87Updated 2 years ago
• waawaa / AMSI_Rubeus_bypass
  ☆61Updated 2 years ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆104Updated last year
• EspressoCake / Process_Protection_Level_BOF
  ☆51Updated 3 years ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆88Updated last year
• rkbennett / pybof
  Python module for running BOFs
  ☆64Updated last year
• codewhitesec / SysmonEnte
  ☆68Updated 2 years ago
• Cobalt-Strike / unhook-bof
  Remove API hooks from a Beacon process.
  ☆54Updated 2 years ago
• trustedsec / PPLFaultDumpBOF
  ☆133Updated last year
• t94j0 / sddl_py
  Parse SDDL strings
  ☆35Updated 7 months ago
• 0xsp-SRD / callback_injection-Csharp
  this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…
  ☆82Updated 2 years ago
• Octoberfest7 / JumpSession_BOF
  Beacon Object File allowing creation of Beacons in different sessions.
  ☆76Updated 2 years ago
• leftp / DPAPISnoop
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆130Updated 2 months ago
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆83Updated last year
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• joe-desimone / rep-research
  ☆67Updated 3 months ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆77Updated last year
• EspressoCake / BeaconDownloadSync
  ☆91Updated 2 years ago