Inline-Execute-PE
Beacon runner
An inline execution suite for CobaltStrike Beacons to load and run unmanaged Windows executables.
Execute unmanaged Windows executables in CobaltStrike Beacons
636 stars
17 watching
98 forks
Language: C
last commit: over 1 year ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 pwn1sher/cs-bofs | A collection of compiled beacon object files from the CobaltStrike platform. | 99 |
| octoberfest7/dropspawn_bof | A CobaltStrike payload that uses DLL hijacking to spawn additional Beacons on Windows systems | 216 |
 strozfriedberg/cobaltstrike-config-extractor | A toolset to extract and analyze configurations from malware samples known as Cobalt Strike Beacons. | 145 |
 airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 246 |
 b1tg/cobaltstrike-beacon-rust | A Cobalt Strike beacon implementation in Rust for creating malicious network connections | 177 |
 outflanknl/inlinewhispers | Tool to generate inline assembly code for direct system calls in COBalt Strike's Beacon Object Files (BOF) | 308 |
 sentinel-one/cobaltstrikeparser | Deciphers CobaltStrike Beacon configurations from various formats. | 1,022 |
| octoberfest7/cve-2023-36874_bof | An exploit tool for a Windows vulnerability allowing an attacker to run arbitrary code as SYSTEM on Windows 10 and Windows 11 | 201 |
 ceramicskate0/bof-builder | Tool to compile and build Beacon Object Files (BOF) from a directory of files | 26 |
 bearror/oletus | A minimal test runner for ECMAScript Modules, designed to support concurrent asynchronous testing with native module support. | 45 |
 boku7/spawn | A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. | 429 |
 kriswallsmith/spork | An experimental library that allows you to run tasks in parallel on multiple processes while maintaining control over the execution of code in both parent and child processes. | 586 |
 nikolaydubina/watchhttp | Periodically runs external commands and exposes their output as an HTTP endpoint with live updates | 33 |
 apr4h/cobaltstrikescan | A tool for detecting and parsing CobaltStrike beacon configuration from files or process memory. | 900 |
 fox-it/cobaltstrike-beacon-data | Historical metadata of Cobalt Strike Beacon attacks | 122 |