Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
☆97Aug 21, 2025Updated 7 months ago
Alternatives and similar repositories for BYOVD_EDRKiller
Users that are interested in BYOVD_EDRKiller are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Detect BypassUAC using AMSI☆29Feb 18, 2025Updated last year
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆214Aug 21, 2025Updated 7 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆264Sep 23, 2025Updated 6 months ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆28Apr 13, 2025Updated 11 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆210Dec 17, 2025Updated 3 months ago
- Things i do because i saw it on twitter on a weekend☆58Jul 20, 2025Updated 8 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆51May 5, 2025Updated 10 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 9 months ago
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated last year
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆51Nov 2, 2025Updated 4 months ago
- A C# tool for extracting information from SCCM PXE boot media.☆52Jan 14, 2026Updated 2 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Simulate per-process disconnection in red team environments☆113Jun 6, 2025Updated 9 months ago
- A small WinRM client designed for interacting with JEA endpoints.☆13Aug 29, 2024Updated last year
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆24Jul 11, 2025Updated 8 months ago
- CVE-2024-43451 is a Windows NTLM vulnerability that allows an attacker to force authentication and capture NTLM hashes by using malicious…☆15Jan 21, 2025Updated last year
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- PoC to self-delete a binary in C#☆36Feb 6, 2024Updated 2 years ago
- ☆14Jul 29, 2024Updated last year
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆226Nov 23, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆98Mar 20, 2023Updated 3 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- A simple tool for enumerating dynamic endpoints on a DCE/RPC remote or local endpoint mapper.☆15Oct 9, 2020Updated 5 years ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated 2 months ago
- Obex – Blocking unwanted DLLs in user mode☆283Sep 18, 2025Updated 6 months ago
- Hackers to Hackers Conference (H2HC) presentation in São Paulo☆38Dec 16, 2024Updated last year
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆43Aug 10, 2025Updated 7 months ago
- ☆54Oct 13, 2025Updated 5 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆272Jun 18, 2025Updated 9 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 4 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 8 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆541May 9, 2025Updated 10 months ago
- Enumerate active EDR's on the system☆152Sep 23, 2025Updated 6 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- ☆71Jan 1, 2026Updated 2 months ago