- Adrenaline_bof Public
  Forked from atomiczsec/Adrenaline
  Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.
  C MIT License Updated Jan 11, 2026
- Sanctum Public
  Forked from 0xflux/Sanctum
  Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.
  Rust Updated Jan 11, 2026
- EDRStartupHinder Public
  Forked from TwoSevenOneT/EDRStartupHinder
  EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
  C++ Updated Jan 11, 2026
- ClipboardStealBOF Public
  Forked from incursi0n/ClipboardStealBOF
  An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard history.
  C MIT License Updated Jan 9, 2026
- Obfusk8 Public
  Forked from x86byte/Obfusk8
  Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries
  C++ Updated Jan 8, 2026
- dumpguard_bof Public
  Forked from 0xedh/dumpguard_bof
  Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
  C Updated Jan 6, 2026
- IDontLikeFileLocks Public
  Forked from EvilBytecode/IDontLikeFileLocks
  Title is self explaining, well there's few methods we can do to read locked file and play with it...
  C++ MIT License Updated Jan 5, 2026
- DbgNexum_inject Public
  Forked from dis0rder0x00/DbgNexum
  Shellcode injection using the Windows Debugging API
  C MIT License Updated Jan 4, 2026
- FsquirtCPLPoC Public
  Forked from mhaskar/FsquirtCPLPoC
  PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin
  C Updated Jan 4, 2026
- FondueCPLPoC Public
  Forked from mhaskar/FondueCPLPoC
  PoC for generating an APPWIZ.cpl module designed to be loaded by Fondue.exe LOLBin
  Shell Updated Jan 2, 2026
- Vectored-Exception-Handling-Squared Public
  Forked from 0xflux/Vectored-Exception-Handling-Squared
  Vectored Exception Handling Squared
  Rust Updated Dec 27, 2025
- earlycascade-injection_rust Public
  Forked from Whitecat18/earlycascade-injection
  Early cascade injection PoC based on Outflank's blog post written in Rust
  Rust Updated Dec 26, 2025
- httpsms Public
  Forked from NdoleStudio/httpsms
  Send and receive SMS messages using your Android phone programmatically via a simple HTTP API
  Go GNU Affero General Public License v3.0 Updated Dec 24, 2025
- orsted_c2 Public
  Forked from almounah/orsted
  Orsted C2 Framework
  Go GNU General Public License v3.0 Updated Dec 23, 2025
- BOFs_ Public
  Forked from RayRRT/BOFs
  Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.
  C Updated Dec 22, 2025
- BOF_ExecuteAssembly Public
  Forked from NtDallas/BOF_ExecuteAssembly
  Beacon Object File for Cobalt Strike that executes .NET assemblies in beacon with evasion techniques.
  C++ Updated Dec 20, 2025
- EDR-GhostLocker Public
  Forked from zero2504/EDR-GhostLocker
  AppLocker-Based EDR Neutralization
  C MIT License Updated Dec 19, 2025
- VectoredOverloading Public
  Forked from CheckPointSW/VectoredOverloading
  C++ MIT License Updated Dec 11, 2025
- Nodejs-Tracer Public
  Forked from CheckPointSW/Nodejs-Tracer
  JavaScript MIT License Updated Dec 11, 2025
- SessionHop_cobalt Public
  Forked from 3lp4tr0n/SessionHop
  Windows Session Hijacking via COM
  C# Updated Dec 10, 2025
- Cobalt-Strike-Ultimate-Arsenal Public
  Forked from EvilWhales/Cobalt-Strike-Ultimate-Arsenal
  Cobalt Strike module x loader x profile x wike / A public collection of open resources for Cobalt Strike (only legal use in Red Team and penetration testing
  PowerShell Updated Dec 7, 2025
- LDAP-Bof-Collection Public
  Forked from P0142/LDAP-Bof-Collection
  Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.
  C MIT License Updated Dec 4, 2025
- DynaDbg Public
  Forked from DoranekoSystems/DynaDbg
  Next-Generation Remote Analysis Suite for Reverse Engineering.
  Updated Dec 2, 2025
- icmp-udc2_bof Public
  Forked from Cobalt-Strike/icmp-udc2
  UDC2 implementation that provides an ICMP C2 channel
  Python Updated Nov 24, 2025
- Telegram-Phoenix Public
  Forked from EvilWhales/Telegram-Phoenix
  Telegram Account Phishing toolbar Public Version. This project is intended solely for educational purposes and authorized testing. Any unauthorized or malicious use is strictly prohibited. The deve…
  JavaScript Updated Nov 24, 2025
- CustomC2ChannelTemplate Public
  Forked from CodeXTF2/CustomC2ChannelTemplate
  template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.
  C Updated Nov 22, 2025
- Indirect-Shellcode-Executor Public
  Forked from mimorep/Indirect-Shellcode-Executor
  Indirect-Shellcode-Executor exploits the misconfiguration/vulnerability present on the API Windows method ReadProcessMemory discovered by DarkCoderSc. It exploits the nature of the in/out pointer …
  Rust Updated Nov 15, 2025