
Commit

[+] BoF of OperatorsKit , BofRoast and Defender Exclusions
zer0yu authored Mar 29, 2023
1 parent 5cc8f38 commit 208705f
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions README.md
Expand Up @@ -195,6 +195,7 @@
| ALL | [CobaltStrike BOF](https://github.com/Yaxser/CobaltStrike-BOF) | DCOM Lateral Movement; WMI Lateral Movement - Win32_Process Create; WMI Lateral Movement - Event Subscription | ![](https://img.shields.io/github/stars/Yaxser/CobaltStrike-BOF) | ![](https://img.shields.io/github/languages/top/Yaxser/CobaltStrike-BOF) |
| ALL | [BOFs](https://github.com/ajpc500/BOFs) | ETW Patching; API Function Utility; Syscalls Shellcode Injection | ![](https://img.shields.io/github/stars/ajpc500/BOFs) | ![](https://img.shields.io/github/languages/top/ajpc500/BOFs) |
| ALL | [Remote Operations BOF](https://github.com/trustedsec/CS-Remote-OPs-BOF) | This repo serves as an addition to our previously released SA Repo. Our original stance was that we would not release our tooling that modified other systems, and we would only provide information gathering tooling in a ready to go format. | ![](https://img.shields.io/github/stars/trustedsec/CS-Remote-OPs-BOF) | ![](https://img.shields.io/github/languages/top/trustedsec/CS-Remote-OPs-BOF) |
| ALL | [OperatorsKit](https://github.com/REDMED-X/OperatorsKit) | This repository contains a collection of tools that integrate with Cobalt Strike through Beacon Object Files (BOFs). | ![](https://img.shields.io/github/stars/REDMED-X/OperatorsKit) | ![](https://img.shields.io/github/languages/top/REDMED-X/OperatorsKit) |
| Dev | [bof](https://github.com/nccgroup/nccfsas/blob/main/Tools/bof-vs-template/README.md) | This is a template project for building Cobalt Strike BOFs in Visual Studio. | ![](https://img.shields.io/github/stars/nccgroup/nccfsas) | ![](https://img.shields.io/github/languages/top/nccgroup/nccfsas) |
| Dev | [Needle_Sift_BOF](https://github.com/EspressoCake/Needle_Sift_BOF) | Strstr with user-supplied needle and filename as a BOF. | ![](https://img.shields.io/github/stars/EspressoCake/Needle_Sift_BOF) | ![](https://img.shields.io/github/languages/top/EspressoCake/Needle_Sift_BOF) |
| Dev | [Quser-BOF](https://github.com/netero1010/Quser-BOF) | Beacon Object Files Quser implementation using Windows API | ![](https://img.shields.io/github/stars/netero1010/Quser-BOF) | ![](https://img.shields.io/github/languages/top/netero1010/Quser-BOF) |
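Review bot: the description in the new OperatorsKit row ("a collection of tools that integrate with Cobalt Strike through Beacon Object Files (BOFs)") would fit almost every entry in this table and does not tell the reader what the kit contains. The ALL rows for CobaltStrike BOF and BOFs just above list their capabilities separated by semicolons; suggest writing this row the same way, with the tool categories taken from the repository's own README.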
Expand All @@ -212,6 +213,8 @@
| Dev | [ELFLoader](https://github.com/trustedsec/ELFLoader) | This is a ELF object in memory loader/runner. The goal is to create a single elf loader that can be used to run follow on capabilities across all x86_64 and x86 nix operating systems. | ![](https://img.shields.io/github/stars/trustedsec/ELFLoader) | ![](https://img.shields.io/github/languages/top/trustedsec/ELFLoader) |
| Dev | [Rust BOFs for Cobalt Strike](https://github.com/wumb0/rust_bof) | This took me like 4 days, but I got it working... rust core + alloc for Cobalt Strike BOFs. This is very much a PoC, but I'd love to see others playing around with it and contributing. | ![](https://img.shields.io/github/stars/wumb0/rust_bof) | ![](https://img.shields.io/github/languages/top/wumb0/rust_bof) |
| Dev | [CoffeeLdr](https://github.com/Cracked5pider/CoffeeLdr) | CoffeeLdr is a loader for so called Beacon Object Files. This project can be used for testing Beacon Object files without using the Cobalt Strike framework or can be used to give custom implants a way to execute BOFs that where designed for Cobalt strike. | ![](https://img.shields.io/github/stars/Cracked5pider/CoffeeLdr) | ![](https://img.shields.io/github/languages/top/Cracked5pider/CoffeeLdr) |
| Auxiliary | [Defender Exclusions BOF](https://github.com/EspressoCake/Defender_Exclusions-BOF) | A BOF to determine Windows Defender exclusions. | ![](https://img.shields.io/github/stars/EspressoCake/Defender_Exclusions-BOF) | ![](https://img.shields.io/github/languages/top/EspressoCake/Defender_Exclusions-BOF) |
| Auxiliary | [BofRoast](https://github.com/cube0x0/BofRoast) | Beacon Object File repo for roasting Active Directory. | ![](https://img.shields.io/github/stars/cube0x0/BofRoast) | ![](https://img.shields.io/github/languages/top/cube0x0/BofRoast) |
| Auxiliary | [EnumCLR.c](https://gist.github.com/G0ldenGunSec/8ca0e853dd5637af2881697f8de6aecc) | Cobalt Strike BOF to identify processes with the CLR loaded with a goal of identifying SpawnTo / injection candidates. | ![](https://img.shields.io/github/stars/G0ldenGunSec) | ![](https://img.shields.io/github/languages/top/G0ldenGunSec) |
| Auxiliary | [secinject](https://github.com/apokryptein/secinject) | Section Mapping Process Injection (secinject): Cobalt Strike BOF | ![](https://img.shields.io/github/stars/apokryptein/secinject) | ![](https://img.shields.io/github/languages/top/apokryptein/secinject)|
| Auxiliary | [FindObjects-BOF](https://github.com/outflanknl/FindObjects-BOF) | A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific modules or process handles. | ![](https://img.shields.io/github/stars/outflanknl/FindObjects-BOF) | ![](https://img.shields.io/github/languages/top/outflanknl/FindObjects-BOF) |
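Review bot: in the BofRoast row, "roasting Active Directory" is shorthand that does not say which techniques the repository implements; name them in the description, the way the EnumCLR.c and FindObjects-BOF rows below state exactly what they enumerate. A smaller point: the commit title writes "BoF" while every row in the table uses "BOF", so it is worth settling on one spelling.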