cognitive cybersecurity intelligence

News and Analysis

Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader

Goffloader, a pure Go implementation of an in-memory COFFLoader and PE loader, has been released to execute Cobalt Strike BOFs and unmanaged PE files directly in memory. By expanding Go’s security capabilities and avoiding CGO complications, Goffloader allows integration into Go-based security tools. Needing improvement, the COFFLoader only supports x64 architecture, and PE execution has hardcoded arguments. The library will not produce a 0/N detection file on VirusTotal. This tool is open-sourced in support of Praetorian’s Chariot BAS offering.

Source: securityboulevard.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Cyber attackers use images & built-in tools to bypass defences – SecurityBrief Australia

Cyber attackers use images & built-in tools to bypass defences – SecurityBrief Australia

Cyber attackers use images & built-in tools to bypass defences SecurityBrief Australia

Bitdefender discovers China-linked malware – Asia Pacific Defence Reporter

Bitdefender discovers China-linked malware – Asia Pacific Defence Reporter

Bitdefender discovers China-linked malware Asia Pacific Defence Reporter

What’s Next for Walgreens Following its Private Equity Sale?

What’s Next for Walgreens Following its Private Equity Sale?

Walgreens has completed its sale to private equity firm Sycamore Partners, raising concerns that the deal could lead to widespread store closures, layoffs and reduced

ObamaCare fight meets shutdown politics: What to know

ObamaCare fight meets shutdown politics: What to know

An ObamaCare deadline has collided with a fight over government funding, as Democrats are signaling they want Republicans to extend the law’s expiring premium subsidies