endymi's repositories
PoolPartyBof
A Beacon Object File implementation of the PoolParty process injection technique.
amd-ryzen-master-driver-v17-exploit
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
ASRenum-BOF
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
badgerDAPS
Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Supports OU filtering and removes disabled hosts.
bof-collection
Collection of Beacon Object Files (BOF) for Cobalt Strike
BOF-CredUI
Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt
BOF-DCOMPotato-PrintNotify
Cobalt Strike Beacon Object File (BOF) that obtains SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknown object to a DCOM call of PrintNotify.
BOF-RemoteRegSave
Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer
BOF-SprayAD
Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform Kerberos-based password spray
BOFs-Ransomware-
Collection of personal Beacon Object Files (BOFs)
BOFs-snov
Beacon Object Files (not Buffer Overflows)
C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
EnableWebDAVClient-BOF
Cobalt Strike Beacon Object File to enable the WebDAV client service on x64 Windows hosts
fileSearcher
A simple BOF (Beacon Object File) to search files in the system
Jicop-H00k
Contains the core files required to create a Beacon Object File (BOF) for use with AM0N-Eye. BOFs are compiled C programs written in a specific convention that allows them to execute within a Beacon process and use internal Beacon APIs. BOFs provide a fast and efficient way to extend the Beacon
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
LdapSignCheck
Beacon Object File & C# project to check LDAP signing
MetaFinder
Search for documents in a domain through Search Engines (Google, Bing and Baidu). The objective is to extract metadata
OperatorsKit
Collection of Beacon Object Files (BOF) for Cobalt Strike
PrivKit
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
samdump-bof
Beacon Object File to dump the SAM file
ScreenshotBOF
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
ServiceSetSD-Bof
Beacon Object File to set service SD
SharpSCCM
A C# utility for interacting with SCCM
SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
SuperSharpShares
SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your associated domain account.
WdToggle
A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
whereami
Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process environment strings without touching any DLLs.
xPipe
Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions