ANYLNK/NSecSoftBYOVD

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ANYLNK/NSecSoftBYOVD)

ANYLNK / NSecSoftBYOVD

NSecSoftBYOVD POC

☆58

Alternatives and similar repositories for NSecSoftBYOVD

Users that are interested in NSecSoftBYOVD are comparing it to the libraries listed below

Sorting:

RayRRT / BOFs
View on GitHub
Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.
☆102Jan 26, 2026Updated last month
nettitude / ElephantPoint
View on GitHub
☆59Feb 12, 2026Updated 3 weeks ago
rxOred / process-hollowing
View on GitHub
process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
☆31Jan 9, 2022Updated 4 years ago
CyberSecurityUP / ProcessKiller-BYOVD
View on GitHub
BYOVD Technique Example using viragt64 driver
☆73Jul 25, 2024Updated last year
Adaptix-Framework / templates-extender
View on GitHub
Templates for developing your own listeners and agents for AdaptixC2.
☆46Feb 28, 2026Updated last week
kypvas / LDIFToBloodHound
View on GitHub
A Windows tool that converts LDIF files to BloodHound CE
☆27Dec 20, 2025Updated 2 months ago
l4rm4nd / PyADRecon-ADWS
View on GitHub
An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD d…
☆48Feb 23, 2026Updated 2 weeks ago
joaoviictorti / rustbof
View on GitHub
A Rust template for writing Beacon Object Files (BOFs)
☆101Feb 11, 2026Updated 3 weeks ago
affix / rusty-hollow
View on GitHub
Unix Process hollowing in rust
☆22Dec 16, 2024Updated last year
0xRobert / mimikatz-rs
View on GitHub
Rusty Mimikatz - All credits to: github.com/ThottySploity/mimiRust (Original author deleted account so I uploaded for community use)
☆21Nov 24, 2022Updated 3 years ago
TwoSevenOneT / EDR-Redir
View on GitHub
EDR-Redir : a tool used to redirect the EDR's folder to another location.
☆224Nov 6, 2025Updated 4 months ago
T1erno / bin2shellcode
View on GitHub
C++ tool and library for converting .bin files to shellcode in multiple output formats.
☆34Aug 18, 2025Updated 6 months ago
yinsel / CVE-2024-35250-BOF
View on GitHub
CVE-2024-35250 的 Beacon Object File (BOF) 实现。
☆24Nov 28, 2024Updated last year
0xflux / Rust-Hells-Gate
View on GitHub
Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
☆86Jun 4, 2024Updated last year
pard0p / Remote-BOF-Runner
View on GitHub
Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
☆89Jan 2, 2026Updated 2 months ago
EduContin / hidden-vnc
View on GitHub
HVNC PoC (Hidden VNC) in Rust
☆40Sep 2, 2025Updated 6 months ago
hasherezade / waiting_thread_hijacking
View on GitHub
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
☆264Aug 31, 2025Updated 6 months ago
0xTriboulet / rssh-rs
View on GitHub
☆55May 31, 2025Updated 9 months ago
leonjza / port-jump
View on GitHub
Some security by obscurity using port-jumping.
☆14Aug 21, 2025Updated 6 months ago
matro7sh / bof-collection
View on GitHub
collection of beacon object file (Cobalt strike)
☆12Jan 21, 2023Updated 3 years ago
123ojp / VxLAN-Scanner
View on GitHub
This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
☆28Jul 21, 2025Updated 7 months ago
buldansec / EnableEFS
View on GitHub
Enable EFS service as low priv user (PE & BOF)
☆21Jul 6, 2025Updated 8 months ago
moom825 / XenoStealer
View on GitHub
☆53Sep 26, 2024Updated last year
maxDcb / C2Implant
View on GitHub
Windows C++ Implant for Exploration C2
☆45Jan 26, 2026Updated last month
alexlee820 / PatchedCLRLoader
View on GitHub
.NET assembly loader with patching AMSI and ETW bypass
☆31Apr 16, 2025Updated 10 months ago
Nicolas-Arsenault / Havoc-C2-RCE-2024
View on GitHub
Abusing SSRF to deliver an authenticated command injection payload
☆29Sep 1, 2025Updated 6 months ago
synacktiv / GroupPolicyBackdoor
View on GitHub
Group Policy Objects manipulation and exploitation framework
☆296Dec 7, 2025Updated 3 months ago
Leo4j / Invoke-RunAsSystem
View on GitHub
A simple script to elevate current session to SYSTEM (needs to be run as Administrator)
☆16Nov 11, 2024Updated last year
Nero22k / Kernel-Programming-2023
View on GitHub
Repository of different kernel drivers written while studying Windows NT Driver development
☆12Apr 14, 2024Updated last year
j3h4ck / WatchDogKiller
View on GitHub
PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.
☆202Sep 11, 2025Updated 5 months ago
cfs0x / ShadowDropper
View on GitHub
ShadowDropper is a utility for covertly delivering and executing payloads on a target system.
☆27Jul 4, 2025Updated 8 months ago
xalicex / Get-DLL-and-Function-Addresses
View on GitHub
GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
☆32Feb 7, 2022Updated 4 years ago
0xthirteen / WMI_Proc_Dump
View on GitHub
Dump processes over WMI with MSFT_MTProcess
☆84Feb 13, 2026Updated 3 weeks ago
MayerDaniel / the-one-wsl-bof
View on GitHub
One WSL BOF to rule them all
☆159Jan 14, 2026Updated last month
0xJs / EnumEDRs
View on GitHub
Enumerate active EDR's on the system
☆152Sep 23, 2025Updated 5 months ago
TwoSevenOneT / CreateProcessAsPPL
View on GitHub
This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
☆295Nov 1, 2025Updated 4 months ago
bitdefender / hypervinject-poc
View on GitHub
☆59Feb 19, 2026Updated 2 weeks ago
m7rick / Havoc-DLLHijack
View on GitHub
A tool to assist DLL hijacking via the Havoc GUI
☆12Jan 9, 2024Updated 2 years ago
x64dbg / lz4
View on GitHub
☆14Dec 26, 2024Updated last year