BOFs
System call shim
A custom implementation of a low-level system function to facilitate reverse engineering and analysis of Windows systems
Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.
172 stars
8 watching
25 forks
Language: C
last commit: almost 4 years ago Related projects:
Repository | Description | Stars |
---|---|---|
boku7/halosgate-ps | A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. | 95 |
riccardoancarani/bofs | Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes | 112 |
wumb0/rust_bof | A proof-of-concept project demonstrating how to create and compile Cobalt Strike Beacon Object Files in Rust | 254 |
ajpc500/bofs | A collection of tools and utilities to manipulate system calls, memory, and processes for exploitation and reverse engineering purposes. | 554 |
rvrsh3ll/bof_collection | A collection of Cobalt Strike Beacon Objectives (BOFs) that perform various tasks such as domain information retrieval, clipboard data extraction, WiFi enumeration, port scanning, and registry persistence. | 592 |
m57/cobaltstrike_bofs | Exploits SeBackupPrivilege to dump remote system hives and credentials. | 159 |
crypt0p3g/bof-collection | A collection of beacon object files designed to be used in a remote access tool like Cobalt Strike. | 170 |
sh0ckfr/inlinewhispers2 | A toolset for working with direct system calls in Cobalt Strike's Beacon Object Files via Syswhispers2 | 178 |
byt3bl33d3r/bof-nim | A tool that creates and executes Cobalt Strike Base of operations (BOF) files using the Nim programming language | 84 |
northwavesecurity/kernel-mii | Exploits a kernel vulnerability to gain SYSTEM privileges on Windows. | 29 |
snovvcrash/bofs | A collection of C code snippets demonstrating various Windows backdoors and command execution methods | 51 |
netero1010/rdphijack-bof | A tool for hijacking remote RDP sessions using the WinStationConnect API | 297 |
0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user | 70 |
dtmsecurity/bof_helper | Creates C programs with custom API calls using Microsoft's documentation endpoint and grep results from mingw header files | 222 |
pwn1sher/cs-bofs | A collection of compiled beacon object files from the CobaltStrike platform. | 101 |