RDPHijack-BOF
Session hijacker
A tool for hijacking remote RDP sessions using the WinStationConnect API
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.
297 stars
10 watching
45 forks
Language: C
last commit: over 2 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| netero1010/servicemove-bof | A tool that exploits a Windows vulnerability to execute arbitrary code on remote systems using a technique called DLL hijacking. | 282 |
 octoberfest7/dropspawn_bof | A CobaltStrike payload that uses DLL hijacking to spawn additional Beacons on Windows systems | 216 |
 0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user | 69 |
 airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 246 |
 cobalt-strike/unhook-bof | Removes API hooks from a malicious process | 54 |
 boku7/halosgate-ps | A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. | 94 |
| cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables | 138 |
 rvrsh3ll/bof_collection | A collection of Cobalt Strike Beacon Objectives (BOFs) that perform various tasks such as domain information retrieval, clipboard data extraction, WiFi enumeration, port scanning, and registry persistence. | 581 |
 redsection/offensiveph | A tool that utilizes an old driver to bypass user-mode access controls and inject malicious code into processes | 329 |
 ccob/bof.net | A .NET runtime framework for developing and executing malicious C code in a managed environment. | 678 |
 crypt0p3g/bof-collection | A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. | 170 |
 riccardoancarani/bofs | Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes | 111 |
| netero1010/quser-bof | A proof-of-concept implementation of a Windows API-based backdoor using the quser.exe utility | 83 |
 rsmudge/zerologon-bof | An implementation of a Zero Logon protocol Bounce Of Flood (ZoBoF) vulnerability exploitation technique | 157 |
 tomcarver16/bof-dll-inject | A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. | 147 |