CyberSecurityUP / ProcessKiller-BYOVD
BYOVD Technique Example using viragt64 driver
☆40 Updated 11 months ago
Alternatives and similar repositories for ProcessKiller-BYOVD
Users that are interested in ProcessKiller-BYOVD are comparing it to the libraries listed below
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader, in Rust. It creates a sacrificial … ☆49 Updated 5 months ago
- early cascade injection PoC based on Outflank's blog post, in Rust ☆59 Updated 7 months ago
- Callstack spoofing using a VEH because VEH all the things. ☆21 Updated 3 months ago
- Windows AppLocker Driver (appid.sys) LPE ☆62 Updated 10 months ago
- a demo module for the kaine agent to execute and inject assembly modules ☆38 Updated 9 months ago
- Linker for Beacon Object Files ☆116 Updated this week
- API Hammering with C++20 ☆46 Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader ☆50 Updated last year
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features! ☆24 Updated 10 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust. ☆71 Updated 2 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆30 Updated 4 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ☆39 Updated 10 months ago
- A work in progress BOF/COFF loader in Rust ☆50 Updated 2 years ago
- ☆55 Updated 8 months ago
- Reimplementation of the KExecDD DSE bypass technique. ☆49 Updated 9 months ago
- Section-based payload obfuscation technique for x64 ☆61 Updated 10 months ago
- Attacking the cleanup_module function of a kernel module ☆36 Updated 2 months ago
- ☆86 Updated 10 months ago
- shell code example ☆49 Updated last month
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆36 Updated last year
- Your NTDLL vaccine from modern direct syscall methods. ☆35 Updated 3 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence ☆44 Updated this week
- Shellcode Loader Utilizing ETW Events ☆63 Updated 4 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆64 Updated 2 years ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface ☆69 Updated 2 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ☆82 Updated 4 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis) ☆27 Updated last year
- Win32 keylogger that supports all (non-IME using) languages correctly ☆50 Updated last year
- An In-memory Embedding of CPython ☆28 Updated 4 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 Updated last year