DropSpawn_BOF

DLL hijacker

A CobaltStrike payload that uses DLL hijacking to spawn additional Beacons on Windows systems

CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking

GitHub

216 stars
5 watching
26 forks
Language: C
last commit: over 1 year ago

Related projects:

Repository Description Stars
netero1010/servicemove-bof A tool that exploits a Windows vulnerability to execute arbitrary code on remote systems using a technique called DLL hijacking. 282
netero1010/rdphijack-bof A tool for hijacking remote RDP sessions using the WinStationConnect API 297
octoberfest7/killdefender_bof A tool that allows an attacker to elevate privileges and gain control over the Windows Defender service 62
octoberfest7/cve-2023-36874_bof An exploit tool for a Windows vulnerability allowing an attacker to run arbitrary code as SYSTEM on Windows 10 and Windows 11 201
boku7/halosgate-ps A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. 94
airbus-cert/invoke-bof Loads and executes a malicious payload in a Windows system using PowerShell. 246
tomcarver16/bof-dll-inject A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. 147
0x3rhy/adduser-bof A Cobalt Strike BOF that exploits a vulnerability to add an admin user 69
boku7/spawn A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. 429
cobalt-strike/unhook-bof Removes API hooks from a malicious process 54
m57/cobaltstrike_bofs Exploits SeBackupPrivilege to dump remote system hives and credentials. 159
cobalt-strike/bof-vs A Beacon Object File Visual Studio template project for creating malicious code executables 138
octoberfest7/inline-execute-pe An inline execution suite for CobaltStrike Beacons to load and run unmanaged Windows executables. 636
espressocake/dll-hijack-search-order-bof A tool to enumerate the search order of DLL resolution and potentially gain information about a file's mutability. 141
octoberfest7/eventvieweruac_bof A tool that bypasses UAC restrictions on Windows by deserializing and executing malicious code in Event Viewer. 128