bof
Here are 45 public repositories matching this topic...
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
-
Updated
Dec 7, 2025 - C
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
-
Updated
Feb 24, 2025 - C
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
-
Updated
Oct 8, 2020 - C
Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
-
Updated
Oct 9, 2022 - C
Take a screenshot without injection for Cobalt Strike
-
Updated
Jun 7, 2023 - C
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
-
Updated
Jan 21, 2023 - C
Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
-
Updated
Sep 3, 2020 - C
Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass
-
Updated
Jan 29, 2026 - C
Small toolkit for extracting information and dumping sensitive strings from Windows processes
-
Updated
Jul 17, 2024 - C
Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
-
Updated
Jul 9, 2025 - C
a BOF implementation of various registry persistence methods
-
Updated
Nov 11, 2025 - C
Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
-
Updated
May 7, 2023 - C
open source port/reimplementation of the Cobalt Strike BOF Loader as is
-
Updated
Mar 8, 2026 - C
BOF template with boflink and mutator kit support
-
Updated
Jan 8, 2026 - C
Improve this page
Add a description, image, and links to the bof topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the bof topic, visit your repo's landing page and select "manage topics."