- United Kingdom
- infosecnoodle.com
- @infosecnoodle
Stars
Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare
Windows protocol library, including SMB and RPC implementations, among others.
A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.
Proof-of-concept implementation of AI-enabled postex DLLs
A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…
The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencies.
An Ansible role for installing Cobalt Strike.
A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office365 users.
A delicious, but malicious SSL-VPN server 🌮
A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
Local SYSTEM auth trigger for relaying - X
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Quick and dirty dynamic redirect.rules generator
External C2 is a specification to allow third-party programs to act as a communication layer for Cobalt Strike’s Beacon payload.
LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …
A Model Context Protocol (MCP) server to converse with data in BloodHound
Beacon Object File (BOF) for dumping certificates (and, when possible, private keys) on Windows
The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
Collection of Beacon Object Files (BOF) for Cobalt Strike
Cobalt Strike BOF to fetch tokens from Token Broker cache