Alternatives and similar repositories for ProcessKiller-BYOVD

Users that are interested in ProcessKiller-BYOVD are comparing it to the libraries listed below

• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆59Updated 10 months ago
• rbmm / SC
  shell code example
  ☆49Updated 3 weeks ago
• Teach2Breach / snapinject_rs
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆49Updated 4 months ago
• MEhrn00 / boflink
  Linker for Beacon Object Files
  ☆70Updated last week
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆63Updated last month
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆60Updated 3 months ago
• lem0nSec / Dsebler
  Reimplementation of the KExecDD DSE bypass technique.
  ☆46Updated 8 months ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆82Updated 7 months ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 6 months ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆48Updated 3 weeks ago
• NtDallas / sharp-execute
  Execute dotnet app from unmanaged process
  ☆75Updated 5 months ago
• Teach2Breach / early_cascade_inj_rs
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆58Updated 6 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 9 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆47Updated 2 years ago
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆63Updated last month
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆64Updated 2 years ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 9 months ago
• 0xjbb / vehspoof
  Callstack spoofing using a VEH because VEH all the things.
  ☆21Updated 2 months ago
• leftp / FirewallMoniker
  A C# implementation that disables Windows Firewall bypassing UAC
  ☆15Updated 7 months ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆49Updated last year
• passthehashbrowns / VectoredExceptionHandling
  ☆86Updated 9 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆48Updated last year
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆38Updated 9 months ago
• decoder-it / RelabelAbuse
  ☆61Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated last year
• ameenalkerdy / ETWShellcodeLoader
  Shellcode Loader Utilizing ETW Events
  ☆63Updated 3 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆89Updated 11 months ago
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆85Updated 2 years ago
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated last year