Block or Report
Block or report coldfusion39
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abuseCobalt Strike
Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
Beacon Object File PoC implementation of KillDefender
KaynLdr is a Reflective Loader written in C/ASM
A BOF for enumerating version information for DLLs associated for a Beacon process.
tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.
A Visual Studio template used to create Cobalt Strike BOFs
POC tool to convert CobaltStrike BOF files to raw shellcode
DLL Hijack Search Order Enumeration BOF
A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.
This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python without the need for for the standard GUI client. NOTE: This proje…
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
A compilation of Aggressor/Sleep scripts for operational purposes that I've made.
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
Syscall BOF to arbitrarily add/detract process token privilege rights.
A shellcode function to encrypt a running process image when sleeping.
A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/
Section Mapping Process Injection (secinject): Cobalt Strike BOF
Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be Appended In Stage / Post-Ex Blocks. Made for C Programmers