BlackSnufkin/HolyGrail external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

BlackSnufkin/HolyGrail

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/BlackSnufkin/HolyGrail)

Close

BlackSnufkin / HolyGrailView on GitHubMore

• External links
• Readme badge

BYOVD hunter to help prioritize windows drivers worth manual analysis

☆125Aug 19, 2025Updated 6 months ago

Alternatives and similar repositories for HolyGrail

Users that are interested in HolyGrail are comparing it to the libraries listed below

• dobin / AwesomeMalDevLinks

  View on GitHub
  Awesome MalDev Links
  ☆41Updated this week
• KickedDroid / loadstar

  View on GitHub
  A different approach to writing BOFs in rust.
  ☆19Aug 20, 2025Updated 6 months ago
• mertdas / ValleyTerminator

  View on GitHub
  Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver
  ☆33Sep 15, 2025Updated 5 months ago
• Teach2Breach / hollow_rs

  View on GitHub
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆31Feb 7, 2025Updated last year
• scottctaylor12 / C4

  View on GitHub
  Cross Compatible Command and Control
  ☆47Dec 18, 2025Updated 2 months ago
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆79Aug 25, 2025Updated 6 months ago
• safedv / GPOAnalyzer

  View on GitHub
  GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.
  ☆28Jun 14, 2024Updated last year
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆74Sep 9, 2025Updated 6 months ago
• MaorSabag / Adaptix-StealthPalace

  View on GitHub
  Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration
  ☆75Feb 28, 2026Updated last week
• Ridter / netsync

  View on GitHub
  Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.
  ☆62Feb 25, 2025Updated last year
• aitorfirm / BlackIris

  View on GitHub
  Thats it! An Open-Source Windows UEFI Rootkit
  ☆28Jul 19, 2025Updated 7 months ago
• joaoviictorti / dinvk

  View on GitHub
  Dynamically invoke arbitrary code in Rust
  ☆101Updated this week
• S3cur3Th1sSh1t / nim-strenc

  View on GitHub
  string encryption in Nim
  ☆20Jun 15, 2024Updated last year
• JayGLXR / NomadLoader

  View on GitHub
  An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…
  ☆65Mar 1, 2025Updated last year
• smokeme / asar-backdoor

  View on GitHub
  ☆33Mar 19, 2025Updated 11 months ago
• ibaiC / FriendlyFireBOF

  View on GitHub
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆57Apr 14, 2025Updated 10 months ago
• winsecurity / AMSI-Bypass-HWBP

  View on GitHub
  ☆26Aug 11, 2025Updated 6 months ago
• Hexastrike / LockBit-Database-Leak-2025

  View on GitHub
  Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.
  ☆28May 8, 2025Updated 10 months ago
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆105Nov 7, 2025Updated 4 months ago
• JayGLXR / Rusty-Stardust

  View on GitHub
  A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
  ☆59Mar 17, 2025Updated 11 months ago
• nilripper / ptrguard

  View on GitHub
  A pointer encryption library intended for Red Team implant design in Rust.
  ☆66Oct 1, 2025Updated 5 months ago
• Whitecat18 / LazyDLLSideload

  View on GitHub
  Generate DLL proxy/sideload projects. Automatically parses PE export tables and generates ready-to-compile project for red team engagemen…
  ☆112Updated this week
• JayGLXR / RustyMirage

  View on GitHub
  A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆38Mar 6, 2025Updated last year
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year
• hdks-bug / redteam-techniques

  View on GitHub
  Collection of red team techniques.
  ☆68Apr 25, 2025Updated 10 months ago
• djackreuter / rustlualoader

  View on GitHub
  Shellcode loader that executes embedded Lua from Rust.
  ☆127Dec 16, 2024Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆25Mar 12, 2025Updated 11 months ago
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 8 months ago
• sagiol / Terms-of-What

  View on GitHub
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆44Jun 23, 2025Updated 8 months ago
• y-security / stealthguardian

  View on GitHub
  StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and…
  ☆20Aug 7, 2024Updated last year
• Teach2Breach / moonwalk

  View on GitHub
  find dll base addresses without PEB WALK
  ☆161Jul 13, 2025Updated 7 months ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆234Feb 12, 2025Updated last year
• lolc2 / lolc2.github.io

  View on GitHub
  lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
  ☆259Jan 29, 2026Updated last month
• Offensive-Panda / .NET_PROFILER_DLL_LOADING

  View on GitHub
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆46Jul 29, 2024Updated last year
• FalconForceTeam / bof-winrm-plugin-jump

  View on GitHub
  ☆33Jan 23, 2025Updated last year
• Qi4l-Labs / Fusion

  View on GitHub
  A cross platform C2/post-exploitation framework
  ☆55Nov 2, 2025Updated 4 months ago
• 0x4d5a-ctf / 38c3_com_talk

  View on GitHub
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆75Jan 3, 2025Updated last year
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆368Oct 14, 2025Updated 4 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆188Jan 17, 2026Updated last month