AV/EDR killer using BYOVD technique
☆44Sep 27, 2024Updated last year
Alternatives and similar repositories for Kill-Floor
Users that are interested in Kill-Floor are comparing it to the libraries listed below
Sorting:
- A BOF to create a scheduled task using a COM object.☆16Dec 3, 2024Updated last year
- ☆15Aug 17, 2023Updated 2 years ago
- A Simple PoC☆22May 24, 2024Updated last year
- Kill Everything AV/EDR☆27Nov 18, 2024Updated last year
- Sample Rust Hooking Engine☆36Apr 5, 2024Updated last year
- ☆19Jan 25, 2024Updated 2 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- Playing with packets in C#☆15Aug 16, 2024Updated last year
- Bypass LSA protection using the BYODLL technique☆172Sep 21, 2024Updated last year
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆59Apr 13, 2023Updated 2 years ago
- poc for cve-2025-53772☆46Dec 10, 2025Updated 2 months ago
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago
- ☆46Dec 5, 2023Updated 2 years ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆65Jan 13, 2026Updated last month
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 10 months ago
- Sleep Obfuscation☆45Oct 13, 2022Updated 3 years ago
- BYOVD Technique Example using viragt64 driver☆73Jul 25, 2024Updated last year
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65May 1, 2023Updated 2 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- HVNC based on RustDesk☆109May 1, 2024Updated last year
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆24May 10, 2021Updated 4 years ago
- Passets 被动资产识别框架数据清洗模块。☆12Nov 26, 2020Updated 5 years ago
- ☆12Nov 25, 2024Updated last year
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- NMAP扫描网络资产自动导入到Elasticstack进行展示☆11Apr 25, 2020Updated 5 years ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆294Apr 21, 2025Updated 10 months ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago
- ☆29May 10, 2024Updated last year
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆43Jun 27, 2023Updated 2 years ago
- Sharp Wifi Password Grabber retrieves in clear-text the Wi-Fi Passwords from all WLAN Profiles saved on a workstation.☆104Dec 12, 2020Updated 5 years ago
- XOR decrypting shellcode using the GPU with OpenCL.☆120May 22, 2025Updated 9 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- ☆11Aug 8, 2022Updated 3 years ago
- ☆12Jan 27, 2022Updated 4 years ago