Welcome to QoL-BOFs, a collection of Beacon Object Files (BOFs) designed to improve productivity and enhance operational efficiency during red team engagements. This repository aggregates BOFs from various sources into a single, easy-to-navigate repository.
I took the contents curated here and added a few extras that I find useful, and have added them all as submodules to this repo to build a public repo with easy-to-use/clone sources.
- A curated collection of BOFs for operational ease.
- Simplified submodule management for seamless updates.
- Contributions from trusted developers and projects in the community.
To ensure you clone the repository and its submodules correctly, use the following command:
```
git clone --recurse-submodules https://github.com/ZephrFish/QoL-BOFs
```

Sources curated from Will Summerhill's RT Cheatsheets - https://github.com/wsummerhill/C2_RedTeam_CheatSheets
- TrustedSec Situational Awareness BOF
- BOF Collection
- whereami
- RiccardoAncarani BOFs
- Outflank C2 Tool Collection
- cobaltstrike-cat-bof
- tgtdelegation
- PrivKit
- enumfiles BOF
- xPipe
- InlineExecute-Assembly
- inject-assembly
- BOF.NET
- Modified BOF.NET
- ajpc500 BOFs
- Threadless Inject BOF
- MiniDumpWriteDump
- SilentLsassDump
  - Uses direct syscalls generated from InlineWhispers
- RegSave BOF
- Unhook BOF
- WdToggle
- TrustedSec CS-Remote-OPs-BOF
- Inject AMSI Bypass
- Inject ETW Bypass
- BOF-patchit
- Kerberoast BOF
- Koh
- Kerbeus-BOF
- Cobalt-Clip
- ScreenshotBOF
- nanorobeus
- Defender-Exclusions-Creator
- SQL-BOF
- ChromeKatz
- BOF Template
- BOF Hound
  - An offline BloodHound ingestor and LDAP parser to be used with TrustedSec's "ldapsearch".
- Hidden Desktop BOF
- EDREnum