BOFs

System call shim

A custom implementation of a low-level system function to facilitate reverse engineering and analysis of Windows systems

Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.

GitHub

172 stars
8 watching
25 forks
Language: C
last commit: almost 4 years ago

Related projects:

Repository Description Stars
boku7/halosgate-ps A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. 95
riccardoancarani/bofs Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes 112
wumb0/rust_bof A proof-of-concept project demonstrating how to create and compile Cobalt Strike Beacon Object Files in Rust 254
ajpc500/bofs A collection of tools and utilities to manipulate system calls, memory, and processes for exploitation and reverse engineering purposes. 554
rvrsh3ll/bof_collection A collection of Cobalt Strike Beacon Objectives (BOFs) that perform various tasks such as domain information retrieval, clipboard data extraction, WiFi enumeration, port scanning, and registry persistence. 592
m57/cobaltstrike_bofs Exploits SeBackupPrivilege to dump remote system hives and credentials. 159
crypt0p3g/bof-collection A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. 170
sh0ckfr/inlinewhispers2 A toolset for working with direct system calls in Cobalt Strike's Beacon Object Files via Syswhispers2 178
byt3bl33d3r/bof-nim A tool that creates and executes Cobalt Strike Base of operations (BOF) files using the Nim programming language 84
northwavesecurity/kernel-mii Exploits a kernel vulnerability to gain SYSTEM privileges on Windows. 29
snovvcrash/bofs A collection of C code snippets demonstrating various Windows backdoors and command execution methods 51
netero1010/rdphijack-bof A tool for hijacking remote RDP sessions using the WinStationConnect API 297
0x3rhy/adduser-bof A Cobalt Strike BOF that exploits a vulnerability to add an admin user 70
dtmsecurity/bof_helper Creates C programs with custom API calls using Microsoft's documentation endpoint and grep results from mingw header files 222
pwn1sher/cs-bofs A collection of compiled beacon object files from the CobaltStrike platform. 101