Cobalt Strike uses a technique known as fork & run for many of its post-ex capabilities, including the screenshot command. While this behaviour provides stability, it is now well known and heavily monitored for. This BOF is meant to provide a more OPSEC safe version of the screenshot capability.
20
+
21
+
## Credits
22
+
- Made using https://github.com/securifybv/Visual-Studio-BOF-template