{"id":35214,"date":"2024-10-23T06:59:46","date_gmt":"2024-10-23T06:59:46","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=35214"},"modified":"2024-10-23T06:59:48","modified_gmt":"2024-10-23T06:59:48","slug":"rust-bofs","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/","title":{"rendered":"Rust BOFs &#8211; Unlocking New Potentials In Cobalt Strike"},"content":{"rendered":"\n<p>This took me like 4 days (+2 days for an update), but I got it working&#8230; rust core + alloc for Cobalt Strike BOFs.<br>This is very much a PoC, but I&#8217;d love to see others playing around with it and contributing.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Building<\/strong><a href=\"https:\/\/github.com\/wumb0\/rust_bof#building\"><\/a><\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Install mingw<\/li>\n\n\n\n<li>Install nightly rust with the x86_64-pc-windows-gnu and i686-pc-windows-gnu toolchains<\/li>\n\n\n\n<li>Run <code>cargo install cargo-make<\/code><\/li>\n\n\n\n<li>Run <code>cargo make<\/code><\/li>\n\n\n\n<li>????<\/li>\n\n\n\n<li>BOFit<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Make Your Own<\/strong><\/h2>\n\n\n\n<p>Edit the entry function in rustbof\/src\/lib.rs. You can add new args by using the <code>bof_pack<\/code> function in the aggressor script, just don&#8217;t change the first two because those are the relocations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>How The fk<\/strong><a href=\"https:\/\/github.com\/wumb0\/rust_bof#how-the-fk\"><\/a><\/h2>\n\n\n\n<p>I feel like I want to write a blog post about it at some point, but for now, here was the process:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>How do I compile object files from rust?\n<ul class=\"wp-block-list\">\n<li>rustc has an <code>--emit=obj<\/code> flag that will just emit the object files into the deps folder of the target<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>A BOF is a <strong>single<\/strong> object file, not many. Rust compiles each component into its own .o file. How do I combine them?\n<ul class=\"wp-block-list\">\n<li>ld has a feature called &#8220;relocatable&#8221; (-i) which is used for incremental linking<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>The Cobalt Strike loader throws throwing a NullPointerException on <code>beacon_inline_execute<\/code>. Why?\n<ul class=\"wp-block-list\">\n<li>Some decompilation and bytecode debugging led me to find that the CS COFF parser was choking on some symbols in the object. Turns out those symbols were just included as debug (file) info.<\/li>\n\n\n\n<li>In my investigation I found that the <code>OBJExecutable<\/code> and <code>OBJParser<\/code> classes in cobaltstrike.jar have main functions that take the path to an object file and print a bunch of useful information!<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>How do I remove uneeded symbols in an object file?\n<ul class=\"wp-block-list\">\n<li>Well, <code>strip<\/code> works! <code>strip<\/code> actually has a <code>--strip-uneeded<\/code> flag that strips everything not needed for relocations, like debug info!<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Now the Cobalt Strike BOF loader complains about some undefined symbols like <code>rust_oom<\/code> and <code>__rust_alloc<\/code>. \n<ul class=\"wp-block-list\">\n<li>At this point I wasn&#8217;t using alloc at all, but it was still being compiled and then added to the BOF via <code>ld -i<\/code>. How can I get rid of these symbols?\n<ul class=\"wp-block-list\">\n<li>At first I just removed the object file for alloc, since I wasn&#8217;t using it. Easy.<\/li>\n\n\n\n<li>I think at one point I discovered the <code>--gc-sections<\/code> flag for ld, which allows you to define a root symbol via the <code>-u<\/code> flag and then it gets rid of any symbols that aren&#8217;t ever referenced. That also fixes it.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>OK. At this point we have something that loads up and does not crash. Let&#8217;s try to import a function from KERNEL32. How do we make rust use <code>__imp_<\/code> symbols?\n<ul class=\"wp-block-list\">\n<li>We can define the link name via <code>#[link_name = \"__imp_KERNEL32$OutputDebugStringA]<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>The issue with the above is that the <code>__imp_<\/code> symbols are supposed to be pointers to the import table and not functions themselves, so rust thinks that the symbol is a single pointer to a function and not a double pointer to a function. \n<ul class=\"wp-block-list\">\n<li>How the heck do we convince rust that a function pointer is actually a function pointer pointer in a clean way?\n<ul class=\"wp-block-list\">\n<li>Well, it turns out we can use unsafe rust to make a pointer into a double pointer, but that&#8217;s only half of the solution because I don&#8217;t want to have to say <code>unsafe { make my function pointer a double pointer}(args)<\/code> every time I want to make a call.<\/li>\n\n\n\n<li>It is acutally possible to make rust import symbols via the <code>__imp_<\/code> method, but I was only able to get it working on variables and not functions, so it was kind of useless.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>How can I automatically cast the pointer on call?\n<ul class=\"wp-block-list\">\n<li>If you didn&#8217;t know, rust calls <code>deref<\/code> when a type is called. So you can wrap the function pointer in a type and then implement <code>core::ops::Deref<\/code> for that type to cast the pointer to a double pointer on the fly. \n<ul class=\"wp-block-list\">\n<li>The result is a successful function call.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>So now we can import functions, but now what about an allocator? I want to be able to use strings and vectors. \n<ul class=\"wp-block-list\">\n<li>That&#8217;s the nice part of rust core, alloc is easy to implement! The allocator just creates and manages a heap via NTDLL&#8217;s Rtl*Heap functions. \n<ul class=\"wp-block-list\">\n<li>I defined a global allocator that must be initialized to be used. Now I&#8217;m getting those undefined symbols from alloc again such as <code>__rust_alloc<\/code> and <code>rust_oom<\/code>. Why?\n<ul class=\"wp-block-list\">\n<li>It turns out when rust links a binary it creates those symbols and points them to either the system allocator or a custom allocator if one is defined. I need to define them manually.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Now I&#8217;m getting an undefined symbol that looks like the name of my global allocator. What is happening?\n<ul class=\"wp-block-list\">\n<li>BOFs don&#8217;t use the BSS and the allocator was getting put in the BSS. I just explicitly told rust to put the ALLOCATOR inside the .data section via <code>#[link_section = \".data\"]<\/code>. Fixed.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Now that I can allocate memory, let&#8217;s try using the <code>format!<\/code> macro in <code>alloc<\/code> to make an allocated <code>String<\/code>. It crashes! What gives?\n<ul class=\"wp-block-list\">\n<li>This one took me a while to track down. The BOF loader does not relocate things in .data and .rdata, only .text. \n<ul class=\"wp-block-list\">\n<li>The COFF parser has a function at <code>pe.OBJExecutable.getRelocations<\/code> that creates a relocation structure for symbols in .text, but nothing else.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>The crash was happening in an virtual function table in .rdata that was not getting updated.<\/li>\n\n\n\n<li>Regardless, the BOF loader doesn&#8217;t support type 1 (IMAGE_REL_AMD64_ADDR64), which is what rust was generating for .rdata.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>How can I get the relocations applied?\n<ul class=\"wp-block-list\">\n<li>Write my own bootstrapper to manually apply the relocations before I do anything crazy like vtable references<\/li>\n\n\n\n<li>Not that hard, but requires some coordination from the Cobalt Strike client side<\/li>\n\n\n\n<li>I used Cobalt Strike&#8217;s <code>OBJExecutable<\/code> class to parse the COFF and the <code>Parser<\/code> class to pack in the extra relocations. \n<ul class=\"wp-block-list\">\n<li>This is pretty much what CS does in <code>getRelocations<\/code>. The rust side gets the info via the BOF arguments and then applies the relocations.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>How do I know where the beacon is putting the other sections?\n<ul class=\"wp-block-list\">\n<li>The BOF loader in beacon is going to choose some place to put the <code>.data<\/code> and <code>.rdata<\/code> sections, but we don&#8217;t know where those are from our code.<\/li>\n\n\n\n<li>I ended up adding importable symbols at the beginning of the .text, .rdata, and .data sections via modifying the linker script. If anyone has better ideas here I&#8217;d love to hear them.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>When those symbols were imported as extern static usize variables one of them generates an undefined <code>refptr<\/code> symbol. How do I stop it from doing that?\n<ul class=\"wp-block-list\">\n<li>I ended up importing them as functions and then casting those to usize. A hack, but it gets the job done.<\/li>\n\n\n\n<li>After fixups, vtable calls work!<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>On to 32-bit. When you try to load it a bunch of syms are undefined, including a bunch of stuff starting with <code>__<\/code>. How can we resolve that???\n<ul class=\"wp-block-list\">\n<li>32-bit adds an underscore to a bunch of stuff for some reason I could look up but don&#8217;t care.<\/li>\n\n\n\n<li>I changed the import symbol to be <code>_imp_<\/code> instead of <code>__imp_<\/code>\n<ul class=\"wp-block-list\">\n<li>Doing this broke 64 bit so I added a <code>cfg_attr<\/code> to make the import name have the correct number of underscores depending on the target<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>I added a <code>cfg_attr<\/code> to the <code>__section_start__<\/code> symbols from the linker to use a link name minus one underscore for x86 only.<\/li>\n\n\n\n<li>The final symbol is the dreaded <code>chkstk<\/code>&#8230; which I&#8217;ve dealt with at length<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>How can we get chkstk?\n<ul class=\"wp-block-list\">\n<li>It is defined in NTDLL, so we can just import <code>NTDLL!_chkstk<\/code> and define a <code>__chkstk<\/code> ourselves that calls it<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>yeah and now both 32 and 64 bit BOFs work.<br>I haven&#8217;t tried anything too incredibly fancy yet, but let me know if there are issues.<\/p>\n\n\n\n<p>For more information click <a href=\"https:\/\/github.com\/wumb0\/rust_bof\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This took me like 4 days (+2 days for an update), but I got it working&#8230; rust core + alloc for Cobalt Strike BOFs.This is very much a PoC, but I&#8217;d love to see others playing around with it and contributing. Building Make Your Own Edit the entry function in rustbof\/src\/lib.rs. You can add new [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":35218,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[737,6321,6052,6325,6958],"class_list":["post-35214","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-et","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools","tag-rust-bofs"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Rust BOFs - Unlocking New Potentials In Cobalt Strike<\/title>\n<meta name=\"description\" content=\"This took me like 4 days (+2 days for an update), but I got it working... rust core + alloc for Cobalt Strike BOFs.This is very much a PoC,\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Rust BOFs - Unlocking New Potentials In Cobalt Strike\" \/>\n<meta property=\"og:description\" content=\"This took me like 4 days (+2 days for an update), but I got it working... rust core + alloc for Cobalt Strike BOFs.This is very much a PoC,\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-23T06:59:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-10-23T06:59:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"Rust BOFs &#8211; Unlocking New Potentials In Cobalt Strike\",\"datePublished\":\"2024-10-23T06:59:46+00:00\",\"dateModified\":\"2024-10-23T06:59:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\"},\"wordCount\":1241,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp\",\"keywords\":[\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\",\"Rust BOFs\"],\"articleSection\":[\"Exploitation Tools\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\",\"name\":\"Rust BOFs - Unlocking New Potentials In Cobalt Strike\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp\",\"datePublished\":\"2024-10-23T06:59:46+00:00\",\"dateModified\":\"2024-10-23T06:59:48+00:00\",\"description\":\"This took me like 4 days (+2 days for an update), but I got it working... rust core + alloc for Cobalt Strike BOFs.This is very much a PoC,\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp\",\"width\":\"1600\",\"height\":\"900\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Rust BOFs - Unlocking New Potentials In Cobalt Strike","description":"This took me like 4 days (+2 days for an update), but I got it working... rust core + alloc for Cobalt Strike BOFs.This is very much a PoC,","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/","og_locale":"en_US","og_type":"article","og_title":"Rust BOFs - Unlocking New Potentials In Cobalt Strike","og_description":"This took me like 4 days (+2 days for an update), but I got it working... rust core + alloc for Cobalt Strike BOFs.This is very much a PoC,","og_url":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2024-10-23T06:59:46+00:00","article_modified_time":"2024-10-23T06:59:48+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"Rust BOFs &#8211; Unlocking New Potentials In Cobalt Strike","datePublished":"2024-10-23T06:59:46+00:00","dateModified":"2024-10-23T06:59:48+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/"},"wordCount":1241,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","keywords":["cybersecurity","informationsecurity","kalilinux","kalilinuxtools","Rust BOFs"],"articleSection":["Exploitation Tools"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/rust-bofs\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/","url":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/","name":"Rust BOFs - Unlocking New Potentials In Cobalt Strike","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","datePublished":"2024-10-23T06:59:46+00:00","dateModified":"2024-10-23T06:59:48+00:00","description":"This took me like 4 days (+2 days for an update), but I got it working... rust core + alloc for Cobalt Strike BOFs.This is very much a PoC,","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/rust-bofs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/rust-bofs\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","width":"1600","height":"900"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSV_rtWkL__uy6euVmKgQIn1dlbtN3HNQfkBPPJxjDHHqSYbVWsyrwxaTyVaWdWaWy_xBLCDXvILsmPgp9x8hwc-d1q-cbn-B37ZGsTxz0jL5WAqhlSjHv10jI18g9j5M_C-cSoaZ9w3u1HAMj6ylvHhi-SS-iutI5ORrT2QF5ivgTX8TJdJBV9TIr1gsK\/s1600\/Rust%20BOFs.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":35537,"url":"https:\/\/kalilinuxtutorials.com\/uutils-coreutils\/","url_meta":{"origin":35214,"position":0},"title":"uutils Coreutils : A Comprehensive Guide To The Cross-Platform GNU Reimplementation In Rust","author":"Varshini","date":"December 30, 2024","format":false,"excerpt":"uutils coreutils is a cross-platform reimplementation of the GNU coreutils in Rust. While all programs have been implemented, some options might be missing or different behavior might be experienced. To install it: cargo install coreutils ~\/.cargo\/bin\/coreutils Goals uutils aims to be a drop-in replacement for the GNU utils. Differences with\u2026","rel":"","context":"In \"cybersecurity\"","block_context":{"text":"cybersecurity","link":"https:\/\/kalilinuxtutorials.com\/tag\/cybersecurity\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjFgVloLB1bykUaflnOTxnngX-lkLAP9IOLCRC5duw9ZzSMZzSyctdndIVEVNdNM4bQ0X-zZsBliL8GImmM-sjv1V2qzpaXgRYkBLmtRImbf-abebvjLKwPZcl1CjL_0PV1Mu7ajTHxA2cIivdNGK5QC7wslqcyaeBstpYqjjVqlUBdY1KPdS74Lba8cNT_\/s1600\/uutils%20Coreutils.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjFgVloLB1bykUaflnOTxnngX-lkLAP9IOLCRC5duw9ZzSMZzSyctdndIVEVNdNM4bQ0X-zZsBliL8GImmM-sjv1V2qzpaXgRYkBLmtRImbf-abebvjLKwPZcl1CjL_0PV1Mu7ajTHxA2cIivdNGK5QC7wslqcyaeBstpYqjjVqlUBdY1KPdS74Lba8cNT_\/s1600\/uutils%20Coreutils.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjFgVloLB1bykUaflnOTxnngX-lkLAP9IOLCRC5duw9ZzSMZzSyctdndIVEVNdNM4bQ0X-zZsBliL8GImmM-sjv1V2qzpaXgRYkBLmtRImbf-abebvjLKwPZcl1CjL_0PV1Mu7ajTHxA2cIivdNGK5QC7wslqcyaeBstpYqjjVqlUBdY1KPdS74Lba8cNT_\/s1600\/uutils%20Coreutils.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjFgVloLB1bykUaflnOTxnngX-lkLAP9IOLCRC5duw9ZzSMZzSyctdndIVEVNdNM4bQ0X-zZsBliL8GImmM-sjv1V2qzpaXgRYkBLmtRImbf-abebvjLKwPZcl1CjL_0PV1Mu7ajTHxA2cIivdNGK5QC7wslqcyaeBstpYqjjVqlUBdY1KPdS74Lba8cNT_\/s1600\/uutils%20Coreutils.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjFgVloLB1bykUaflnOTxnngX-lkLAP9IOLCRC5duw9ZzSMZzSyctdndIVEVNdNM4bQ0X-zZsBliL8GImmM-sjv1V2qzpaXgRYkBLmtRImbf-abebvjLKwPZcl1CjL_0PV1Mu7ajTHxA2cIivdNGK5QC7wslqcyaeBstpYqjjVqlUBdY1KPdS74Lba8cNT_\/s1600\/uutils%20Coreutils.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjFgVloLB1bykUaflnOTxnngX-lkLAP9IOLCRC5duw9ZzSMZzSyctdndIVEVNdNM4bQ0X-zZsBliL8GImmM-sjv1V2qzpaXgRYkBLmtRImbf-abebvjLKwPZcl1CjL_0PV1Mu7ajTHxA2cIivdNGK5QC7wslqcyaeBstpYqjjVqlUBdY1KPdS74Lba8cNT_\/s1600\/uutils%20Coreutils.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":34917,"url":"https:\/\/kalilinuxtutorials.com\/nyxinvoke\/","url_meta":{"origin":35214,"position":1},"title":"NyxInvoke &#8211; A Comprehensive Guide To Advanced Execution Techniques In Rust","author":"Varshini","date":"September 20, 2024","format":false,"excerpt":"NyxInvoke is a versatile Rust-based tool designed for executing .NET assemblies, PowerShell commands\/scripts, and Beacon Object Files (BOFs) with built-in patchless AMSI and ETW bypass capabilities. It can be compiled as either a standalone executable or a DLL. Features Execute .NET assemblies Run PowerShell commands or scripts Load and execute\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjPctl6GA2sP1q3-WWteQ-dQMZ0fmSLHFD3DJzLxcc7tOJVr4RBZxeWtsT6xB7JqanEjju62U5AAjaywBH-Px-KdYqbtrXUydmPIZCETUxf93t0JzfvVKnozsKUw4BC9VS9aW_Xw-8hHWHzNgRdyvPc5d6a7WmcTpUH-Xoi6nKUmd41l6ib4yKwrtf-Xd_9\/s1600\/reCAPTCHA%20Phish.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjPctl6GA2sP1q3-WWteQ-dQMZ0fmSLHFD3DJzLxcc7tOJVr4RBZxeWtsT6xB7JqanEjju62U5AAjaywBH-Px-KdYqbtrXUydmPIZCETUxf93t0JzfvVKnozsKUw4BC9VS9aW_Xw-8hHWHzNgRdyvPc5d6a7WmcTpUH-Xoi6nKUmd41l6ib4yKwrtf-Xd_9\/s1600\/reCAPTCHA%20Phish.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjPctl6GA2sP1q3-WWteQ-dQMZ0fmSLHFD3DJzLxcc7tOJVr4RBZxeWtsT6xB7JqanEjju62U5AAjaywBH-Px-KdYqbtrXUydmPIZCETUxf93t0JzfvVKnozsKUw4BC9VS9aW_Xw-8hHWHzNgRdyvPc5d6a7WmcTpUH-Xoi6nKUmd41l6ib4yKwrtf-Xd_9\/s1600\/reCAPTCHA%20Phish.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjPctl6GA2sP1q3-WWteQ-dQMZ0fmSLHFD3DJzLxcc7tOJVr4RBZxeWtsT6xB7JqanEjju62U5AAjaywBH-Px-KdYqbtrXUydmPIZCETUxf93t0JzfvVKnozsKUw4BC9VS9aW_Xw-8hHWHzNgRdyvPc5d6a7WmcTpUH-Xoi6nKUmd41l6ib4yKwrtf-Xd_9\/s1600\/reCAPTCHA%20Phish.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjPctl6GA2sP1q3-WWteQ-dQMZ0fmSLHFD3DJzLxcc7tOJVr4RBZxeWtsT6xB7JqanEjju62U5AAjaywBH-Px-KdYqbtrXUydmPIZCETUxf93t0JzfvVKnozsKUw4BC9VS9aW_Xw-8hHWHzNgRdyvPc5d6a7WmcTpUH-Xoi6nKUmd41l6ib4yKwrtf-Xd_9\/s1600\/reCAPTCHA%20Phish.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjPctl6GA2sP1q3-WWteQ-dQMZ0fmSLHFD3DJzLxcc7tOJVr4RBZxeWtsT6xB7JqanEjju62U5AAjaywBH-Px-KdYqbtrXUydmPIZCETUxf93t0JzfvVKnozsKUw4BC9VS9aW_Xw-8hHWHzNgRdyvPc5d6a7WmcTpUH-Xoi6nKUmd41l6ib4yKwrtf-Xd_9\/s1600\/reCAPTCHA%20Phish.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":4397,"url":"https:\/\/kalilinuxtutorials.com\/xori\/","url_meta":{"origin":35214,"position":2},"title":"Xori : An Automation-Ready Disassembly &#038; Static Analysis Library","author":"R K","date":"March 28, 2019","format":false,"excerpt":"Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and provides triage analysis data. Architectures: i386x86-64 File Formats PE, PE+Plain shellcode Current Features Outputs json of the 1) Disassembly, 2) Functions, and 3) Imports.Manages Image and Stack memory.2 modes:Light Emulation - meant to enumerate\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":30877,"url":"https:\/\/kalilinuxtutorials.com\/rusthound\/","url_meta":{"origin":35214,"position":3},"title":"RustHound : A Cross-Platform BloodHound Collector Tool","author":"Varshini","date":"October 16, 2023","format":false,"excerpt":"In the realm of cybersecurity and network reconnaissance, RustHound emerges as a versatile hero. This cross-platform BloodHound collector tool, built with Rust, breaks down the barriers between operating systems, making it a go-to solution for collecting critical network data. Join us on a journey to explore the power and potential\u2026","rel":"","context":"In &quot;Hacking Tools&quot;","block_context":{"text":"Hacking Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/hacking-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ5NC5RpxEr0fBwIa8cfZX_F4PJXPPcYA5AG0uZehXlG1hHKOl3or3qiGYV-_59YygBGdwUtqbArE295EM7YjvufcWJEdgdQ8oZOEUBzRS887IMwQxPbgxarENJlqUCGtFZKkXbKnTPOkfpkG4jk4xDlACWbOdiWGp5vvYFF-vsB5-2Z-ri880r80LIfZo\/s16000\/Untitled%20design%20%2827%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ5NC5RpxEr0fBwIa8cfZX_F4PJXPPcYA5AG0uZehXlG1hHKOl3or3qiGYV-_59YygBGdwUtqbArE295EM7YjvufcWJEdgdQ8oZOEUBzRS887IMwQxPbgxarENJlqUCGtFZKkXbKnTPOkfpkG4jk4xDlACWbOdiWGp5vvYFF-vsB5-2Z-ri880r80LIfZo\/s16000\/Untitled%20design%20%2827%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ5NC5RpxEr0fBwIa8cfZX_F4PJXPPcYA5AG0uZehXlG1hHKOl3or3qiGYV-_59YygBGdwUtqbArE295EM7YjvufcWJEdgdQ8oZOEUBzRS887IMwQxPbgxarENJlqUCGtFZKkXbKnTPOkfpkG4jk4xDlACWbOdiWGp5vvYFF-vsB5-2Z-ri880r80LIfZo\/s16000\/Untitled%20design%20%2827%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ5NC5RpxEr0fBwIa8cfZX_F4PJXPPcYA5AG0uZehXlG1hHKOl3or3qiGYV-_59YygBGdwUtqbArE295EM7YjvufcWJEdgdQ8oZOEUBzRS887IMwQxPbgxarENJlqUCGtFZKkXbKnTPOkfpkG4jk4xDlACWbOdiWGp5vvYFF-vsB5-2Z-ri880r80LIfZo\/s16000\/Untitled%20design%20%2827%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ5NC5RpxEr0fBwIa8cfZX_F4PJXPPcYA5AG0uZehXlG1hHKOl3or3qiGYV-_59YygBGdwUtqbArE295EM7YjvufcWJEdgdQ8oZOEUBzRS887IMwQxPbgxarENJlqUCGtFZKkXbKnTPOkfpkG4jk4xDlACWbOdiWGp5vvYFF-vsB5-2Z-ri880r80LIfZo\/s16000\/Untitled%20design%20%2827%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ5NC5RpxEr0fBwIa8cfZX_F4PJXPPcYA5AG0uZehXlG1hHKOl3or3qiGYV-_59YygBGdwUtqbArE295EM7YjvufcWJEdgdQ8oZOEUBzRS887IMwQxPbgxarENJlqUCGtFZKkXbKnTPOkfpkG4jk4xDlACWbOdiWGp5vvYFF-vsB5-2Z-ri880r80LIfZo\/s16000\/Untitled%20design%20%2827%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":37076,"url":"https:\/\/kalilinuxtutorials.com\/xenon\/","url_meta":{"origin":35214,"position":4},"title":"Xenon : A New Tool In The Mythic Framework","author":"Varshini","date":"March 14, 2025","format":false,"excerpt":"Xenon is a Windows agent designed for the Mythic framework, inspired by tools like Cobalt Strike. It is currently in an early stage of development and is not considered operationally secure (OPSEC safe), meaning it may contain memory leaks and other issues that could lead to crashes. Despite these limitations,\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Xenon-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Xenon-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Xenon-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Xenon-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Xenon-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Xenon-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":6276,"url":"https:\/\/kalilinuxtutorials.com\/applepie-hypervisor-fuzzing-whvp-bochs\/","url_meta":{"origin":35214,"position":5},"title":"Applepie : A Hypervisor For Fuzzing Built With WHVP &#038; Bochs","author":"R K","date":"August 22, 2019","format":false,"excerpt":"Hello! Welcome to applepie! This is a tool designed for fuzzing, introspection, and finding bugs! This is a hypervisor using the Windows Hypervisor Platform API present in recent versions of Windows (specifically this was developed and tested on Windows 10 17763). Bochs is used for providing deep introspection and device\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/qErEb5h9CwA\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/35214","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=35214"}],"version-history":[{"count":4,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/35214\/revisions"}],"predecessor-version":[{"id":35219,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/35214\/revisions\/35219"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/35218"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=35214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=35214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=35214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}