BOFs icon indicating copy to clipboard operation
BOFs copied to clipboard

verified publisher icon rookuu

Metadata

Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.

Beacon Object Files

Name Syntax
MiniDumpWriteDump minidumpwritedump <PID> <path_of_dmp?>

MiniDumpWriteDump BOF (64-bit only)

Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemory.

Syscalls generated using @jthuraisamy's SysWhispers and @Outflanknl's InlineWhispers.

Code is adapted from ReactOS's implementation of MiniDumpWriteDump at minidump.c.

Metadata

156
Stars
27
Forks
Watchers

Owner

verified publisher icon rookuu

Metadata

Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.

Back