timwhitez starred CoffLoader
2023-1-12 17:4:39 Author: github.com(查看原文) 阅读量:34 收藏

It's just un implementation of in-house CoffLoader supporting CobaltStrike standard BOF and BSS initialized variables.

Look at the main.c file to change the BOF and its parameters. CobalStrike handles the BOF parameter in a special way, the Arg structure is here to pass parameters easier.

No better way to understand something than digging in the code so no real README here, but if you want full theoretical explanation, look at my paper

The beacon.h implementation comes from the TrustedSec repo

文章来源: https://github.com/OtterHacker/CoffLoader