rasta-mouse

rasta-mouse / atomic-bofs

Public

Atomic test units for BOF execution

21
2
69% credibility
Found Apr 26, 2026 at 21 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
C
AI Summary

This project lets security testers run small, standalone programs that mimic behaviors from bigger testing tools, all without needing the full system.

How It Works

1
🔍 Discover Atomic BOFs

You stumble upon this handy kit while looking for ways to test tiny security tricks without complicated setups.

2
📥 Grab the starter files

Download the ready-made pieces to your computer to get started right away.

3
🧩 Pick a simple test

Choose an easy example like printing a message or checking who's using the computer.

4
⚙️ Load your test into the runner

Slide your chosen test and any details it needs into the launcher's setup spot – it's like plugging in a gadget.

5
🔨 Build the tester

Follow the quick build steps to prepare everything for running smoothly.

6
▶️ Launch and watch

Hit go, and your mini-test springs to life in memory, doing its thing just like in a full setup.

See your results

Output appears on screen, confirming your security test worked perfectly on its own.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 21 to 21 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is atomic-bofs?

Atomic-bofs lets you run Beacon Object Files (BOFs) standalone, without a C2 framework like Cobalt Strike. Written in C, it provides a harness that loads COFF binaries into memory, handles packed arguments via simple config files, and executes entrypoints on x86 or x64 Windows targets. It's built for atomic test units—repeatable, isolated runs akin to Atomic Red Team github tests but focused on BOF execution, solving the pain of framework dependency for quick validation.

Why is it gaining traction?

It stands out by decoupling BOF testing from C2 overhead, using Crystal Palace for packing args and embedding COFF bytes directly—no recompiles needed for tweaks. Developers dig the hook support for evasion, like intercepting Win32 APIs in third-party BOFs (e.g., TrustedSec's whoami), plus cross-arch builds via straightforward Makefiles. In a world of atomic test sites and github atomic red tools, this delivers frictionless, framework-agnostic BOF runs.

Who should use this?

Red team operators scripting atomic tests outside engagements, security researchers validating BOF payloads like atomic test_and_set primitives, or pentesters customizing github atomic agent behaviors. Ideal for those building atomic red team github suites or tweaking BOFs for evasion without full Cobalt Strike setups.

Verdict

Grab it if you're deep in BOF dev—solid for niche atomic test needs despite 21 stars signaling early maturity and basic docs. Low 0.699999988079071% credibility score reflects limited adoption, but examples and harness make it a practical starter for targeted testing.

(178 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.