Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
☆91Aug 21, 2025Updated 6 months ago
Alternatives and similar repositories for BYOVD_EDRKiller
Users that are interested in BYOVD_EDRKiller are comparing it to the libraries listed below
Sorting:
- Detect BypassUAC using AMSI☆29Feb 18, 2025Updated last year
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆186Jan 17, 2026Updated last month
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆202Dec 17, 2025Updated 2 months ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated 7 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆211Aug 21, 2025Updated 6 months ago
- Simulate per-process disconnection in red team environments☆113Jun 6, 2025Updated 9 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆264Sep 23, 2025Updated 5 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆51May 5, 2025Updated 10 months ago
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- ☆54Oct 13, 2025Updated 4 months ago
- Things i do because i saw it on twitter on a weekend☆57Jul 20, 2025Updated 7 months ago
- A Reflective Loader for macOS☆147Jul 20, 2025Updated 7 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- ☆19Jan 25, 2024Updated 2 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- Repository for dirty scripts and PoCs☆20Feb 18, 2025Updated last year
- Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…☆95Feb 3, 2026Updated last month
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆270Jun 18, 2025Updated 8 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆116Dec 21, 2025Updated 2 months ago
- From C to binary shellcode converter.☆56Nov 11, 2025Updated 3 months ago
- A C# tool for extracting information from SCCM PXE boot media.☆51Jan 14, 2026Updated last month
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- Hackers to Hackers Conference (H2HC) presentation in São Paulo☆38Dec 16, 2024Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆85Feb 26, 2023Updated 3 years ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆49Nov 2, 2025Updated 4 months ago
- Obex – Blocking unwanted DLLs in user mode☆282Sep 18, 2025Updated 5 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆167Sep 22, 2025Updated 5 months ago
- Collect Windows telemetry for Maldev☆460Jan 30, 2026Updated last month
- UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and Fuz…☆33Jun 30, 2021Updated 4 years ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 8 months ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated last year
- Remap ntdll.dll using only NTAPI functions with a suspended process☆27Apr 13, 2025Updated 10 months ago