coldfusion39
Follow
Cobalt Strike
Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
Beacon Object File PoC implementation of KillDefender
KaynLdr is a Reflective Loader written in C/ASM
A BOF for enumerating version information for DLLs associated for a Beacon process.
tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.
A Visual Studio template used to create Cobalt Strike BOFs
POC tool to convert CobaltStrike BOF files to raw shellcode
DLL Hijack Search Order Enumeration BOF
A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.
This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python without the need for for the standard GUI client. NOTE: This proje…
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
A compilation of Aggressor/Sleep scripts for operational purposes that I've made.
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
Syscall BOF to arbitrarily add/detract process token privilege rights.
A shellcode function to encrypt a running process image when sleeping.
A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/
Section Mapping Process Injection (secinject): Cobalt Strike BOF
Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be Appended In Stage / Post-Ex Blocks. Made for C Programmers