BOF DLL Inject Save

Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.

Project README

BOF-DLL-Inject

BOF DLL Inject is a custom Beacon Object File that uses manual map DLL injection in order to migrate a dll into a process all from memory.

Advantages

Less likely to be signatured
DLL payload stays in memory and never touches disk
Additional functionality is easy to implement
DLL isn't registered as a module including the EPROCESS structure in kernel land

Notes

To see how I developed this tool and further information on it see my blog post

Cobalt Strike BOF Executing

Open Source Agenda is not affiliated with "BOF DLL Inject" Project. README Source: tomcarver16/BOF-DLL-Inject

Stars

145

Open Issues

Last Commit

3 years ago

Repository

tomcarver16/BOF-DLL-Inject

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/bof-dll-inject"><img src="https://www.opensourceagenda.com/projects/bof-dll-inject/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022