halosgate-ps
System info BOF
A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system.
Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes
94 stars
5 watching
24 forks
Language: C
last commit: over 1 year ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables | 138 |
 riccardoancarani/bofs | Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes | 111 |
 guervild/bofs | Beacon object files for Cobalt Strike | 159 |
 crypt0p3g/bof-collection | A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. | 170 |
| boku7/spawn | A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. | 429 |
 rvrsh3ll/bof_collection | A collection of Cobalt Strike Beacon Objectives (BOFs) that perform various tasks such as domain information retrieval, clipboard data extraction, WiFi enumeration, port scanning, and registry persistence. | 581 |
| cobalt-strike/unhook-bof | Removes API hooks from a malicious process | 54 |
 ccob/bof.net | A .NET runtime framework for developing and executing malicious C code in a managed environment. | 678 |
 0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user | 69 |
 wumb0/rust_bof | A proof-of-concept project demonstrating how to create and compile Cobalt Strike Beacon Object Files in Rust | 253 |
 airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 246 |
 pwn1sher/cs-bofs | A collection of compiled beacon object files from the CobaltStrike platform. | 99 |
| boku7/injectamsibypass | A tool that bypasses AMSI in a remote process with code injection. | 377 |
 sh0ckfr/inlinewhispers2 | A toolset for working with direct system calls in Cobalt Strike's Beacon Object Files via Syswhispers2 | 178 |
 falconforceteam/bof2shellcode | Converts Cobalt Strike BOF files to raw shellcode | 173 |