CyberSecurityUP / ProcessKiller-BYOVDLinks
BYOVD Technique Example using viragt64 driver
β57Updated last year
Alternatives and similar repositories for ProcessKiller-BYOVD
Users that are interested in ProcessKiller-BYOVD are comparing it to the libraries listed below
Sorting:
- Windows AppLocker Driver (appid.sys) LPEβ66Updated last year
- π‘οΈ A multi-user malleable C2 framework targeting Windows. Written in C++ and Pythonβ45Updated last year
- API Hammering with C++20β49Updated 3 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loaderβ61Updated last year
- Various methods of executing shellcodeβ72Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.β63Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dllβ44Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.β69Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique.β55Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process holβ¦β69Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β84Updated last year
- Demoting PPL anti-malware services to less than a guest userβ63Updated 9 months ago
- using the gpu to hide your payloadβ63Updated 3 years ago
- Callstack spoofing using a VEH because VEH all the things.β23Updated 7 months ago
- Splitting and executing shellcode across multiple pagesβ103Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.β36Updated 3 years ago
- In-memory hiding techniqueβ56Updated 9 months ago
- a demo module for the kaine agent to execute and inject assembly modulesβ42Updated last year
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEHβ128Updated last month
- A POC of a new βthreadlessβ process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and reβ¦β29Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)β84Updated 2 years ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.β73Updated last year
- Exploiting the KsecDD Windows driver through Server Silosβ74Updated 11 months ago
- Arsenal of modules to beacon postex formats like BOF/Shellcode including: dotnet in memory execution, dumps (wifi, clipboard, screenshot,β¦β45Updated this week
- early cascade injection PoC based on Outflanks blog post, in rustβ60Updated 11 months ago
- Template-based generation of shellcode loadersβ79Updated last year
- This program is used to perform reflective DLL Injection to a remote process specified by the user.β64Updated 2 years ago
- An example of COM hijacking using a proxy DLL.β41Updated 4 years ago
- shell code exampleβ63Updated last month
- Classic Process Injection with Memory Evasion Techniques implemantationβ73Updated 2 years ago