Situational Awareness commands implemented using Beacon Object Files
Various Cobalt Strike BOFs
Creating a repository with all public Beacon Object Files (BoFs)
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
POC tool to convert CobaltStrike BOF files to raw shellcode
COFF file (BOF) for managing Kerberos tickets.
A BOF to determine Windows Defender exclusions.
Collection of Beacon Object Files (BOF) for Cobalt Strike
Collection of Beacon BOFs written to learn Windows and Cobalt Strike
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
Beacon Object File (BOF) for remote process injection via thread hijacking
Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
Remove API hooks from a Beacon process.
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.
New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.
Abuses the Shared Logon Session ID Issue (described [here](https://www.tiraniddo.dev/2020/04/sharing-logon-session-little-too-much.html) by the awesome James Forshaw) to achieve System from NetworkService. Can also be used as "getsystem".