/BOFs

Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.

Primary LanguageC

Beacon Object Files

Name Syntax
MiniDumpWriteDump minidumpwritedump <PID> <path_of_dmp?>

MiniDumpWriteDump BOF (64-bit only)

Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemory.

Syscalls generated using @jthuraisamy's SysWhispers and @Outflanknl's InlineWhispers.

Code is adapted from ReactOS's implementation of MiniDumpWriteDump at minidump.c.