RDPHijack-BOF

Session hijacker

A tool for hijacking remote RDP sessions using the WinStationConnect API

Cobalt Strike Beacon Object File (BOF) that uses the WinStationConnect API to perform local/remote RDP session hijacking.

297 stars
10 watching
45 forks
Language: C
last commit: over 2 years ago

Related projects:

| Repository | Description | Stars |
|---|---|---|
| netero1010/servicemove-bof | A tool that exploits a Windows vulnerability to execute arbitrary code on remote systems using a technique called DLL hijacking. | 284 |
| octoberfest7/dropspawn_bof | A Cobalt Strike payload that uses DLL hijacking to spawn additional Beacons on Windows systems. | 219 |
| 0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user. | 70 |
| airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 245 |
| cobalt-strike/unhook-bof | Removes API hooks from a malicious process. | 54 |
| boku7/halosgate-ps | A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. | 95 |
| cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables. | 145 |
| rvrsh3ll/bof_collection | A collection of Cobalt Strike Beacon Object Files (BOFs) that perform various tasks such as domain information retrieval, clipboard data extraction, WiFi enumeration, port scanning, and registry persistence. | 592 |
| redsection/offensiveph | A tool that utilizes an old driver to bypass user-mode access controls and inject malicious code into processes. | 329 |
| ccob/bof.net | A .NET runtime framework for developing and executing malicious C code in a managed environment. | 682 |
| crypt0p3g/bof-collection | A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. | 170 |
| riccardoancarani/bofs | Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes. | 112 |
| netero1010/quser-bof | A proof-of-concept implementation of a Windows API-based backdoor using the quser.exe utility. | 83 |
| rsmudge/zerologon-bof | An implementation of a Zero Logon protocol Bounce Of Flood (ZoBoF) vulnerability exploitation technique. | 157 |
| tomcarver16/bof-dll-inject | A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. | 147 |