"topic:beacon-object-file" — Search

Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from silent in-process BOF to full PowerShell/WMI.

C403Updated 2 days ago

aggressor-scriptbeacon-object-filebofcobalt-strikecobaltstrike-cnaedr-enumerationedr-evasionoffensive-securitypost-exploitationpurple-teamredteamwindows-security

Lavender-exe/BofCollection

BOFs gift wrapped for Havoc

Python130Updated 2 weeks ago

beacon-object-filehavochavoc-frameworkmalware-developmentred-team

ricardojoserf/BOF_Files

Repository to gather the BOF files I will be developing

C112Updated 2 months ago

beacon-object-filebofcobalt-strikecommand-and-control

soheil-01/coff_loader

An experimental COFF loader for executing Cobalt Strike Beacon Object Files (BOFs)

Zig40Updated 6 months ago

beacon-object-filecobalt-strikecoff-loaderzig

qmadev/BOF-Collection

A collection of Beacon Object Files (BOFs) to use with Cobalt Strike

C++10Updated 5 days ago

beacon-object-filecobaltstrikered-teaming

Bhanunamikaze/DPAPI_BOF

SharpDPAPI ported to Cobalt Strike BOFs — 19 self-contained BOFs for DPAPI credential triage

C00Updated 2 weeks ago

beacon-object-filebeacon-object-filesbofcobalt-strikedpapi

Rakum713/ColdWer

🥶 Freeze EDR/AV processes with ColdWer, using WerFaultSecure.exe PPL bypass to extract LSASS memory on modern Windows systems.

C00Updated 1 hour ago

av-bypassbeacon-object-filebofcobalt-strikecredential-dumpingedr-bypassedr-evasionedr-freezelsass-dumpoffensive-securityppl-bypassred-teamwindows-security

mohamedanas069/CS-EDR-Enumeration

🛡 Enumerate AV, EPP, EDR, and telemetry on Windows hosts using low-noise Cobalt Strike commands for tailored risk-based assessment.

C00Updated 1 hour ago

aggressor-scriptbeacon-object-filebofcobalt-strikecobaltstrike-cnaedr-enumerationedr-evasionoffensive-securitypost-exploitationpurple-teamredteamwindows-security