Situational Awareness commands implemented using Beacon Object Files
Shoggoth: Asmjit Based Polymorphic Encryptor
Loading BOF & ShellCode without executable permission memory.
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
Take a screenshot without injection for Cobalt Strike
Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
