Invoke-Bof

Payload loader

Loads and executes a malicious payload in a Windows system using PowerShell.

Load any Beacon Object File using Powershell!

GitHub

245 stars
11 watching
34 forks
Language: PowerShell
last commit: about 3 years ago
cobalt-strikepowershell

Related projects:

Repository Description Stars
cobalt-strike/bof-vs A Beacon Object File Visual Studio template project for creating malicious code executables 145
guervild/bofs Beacon object files for Cobalt Strike 158
offsecginger/aes-powershellcode A PowerShell payload designed to evade detection and execute malicious commands on a target system 108
boku7/halosgate-ps A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. 95
boku7/spawn A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. 440
riccardoancarani/bofs Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes 112
octoberfest7/dropspawn_bof A CobaltStrike payload that uses DLL hijacking to spawn additional Beacons on Windows systems 219
xx0hcd/alt-beacon-payload Creates a custom C# beacon payload with AV bypass and shellcode injection capabilities 20
cobalt-strike/unhook-bof Removes API hooks from a malicious process 54
crypt0p3g/bof-collection A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. 170
northwavesecurity/kernel-mii Exploits a kernel vulnerability to gain SYSTEM privileges on Windows. 29
0x3rhy/adduser-bof A Cobalt Strike BOF that exploits a vulnerability to add an admin user 70
netero1010/trustedpath-uacbypass-bof Tools and techniques to bypass Windows UAC restrictions on executable files by utilizing DCOM objects 119
boku7/injectetwbypass Tool to bypass ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall 276
boku7/injectamsibypass A tool that bypasses AMSI in a remote process with code injection. 377