bof

The swiss army knife of LSASS dumping

Situational Awareness commands implemented using Beacon Object Files

Shoggoth: Asmjit Based Polymorphic Encryptor

A BOF that runs unmanaged PEs inline

Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具

An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.

Loading BOF & ShellCode without executable permission memory.

A COFF loader made in Rust

WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.

bof-launcher - library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Ready to use in C/Zig/Rust/Go/C++ applications.

Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File

Library of BOFs to interact with SQL servers

Take a screenshot without injection for Cobalt Strike

Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.

Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations

Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.

Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.

Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).

An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.

A simple BOF that frees UDRLs