Hagrid29/BYOVDKit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Hagrid29/BYOVDKit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Hagrid29/BYOVDKit)

Close

Hagrid29 / BYOVDKitView on GitHubMore

• External links
• Readme badge

bring your own vulnerable driver

☆117May 17, 2023Updated 2 years ago

Alternatives and similar repositories for BYOVDKit

Users that are interested in BYOVDKit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Hagrid29 / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆101Mar 20, 2023Updated 3 years ago
• NVISOsecurity / cs2br-bof

  View on GitHub
  Run Cobalt Strike BOFs in Brute Ratel C4!
  ☆87Apr 15, 2025Updated last year
• MaorSabag / TrueSightKiller

  View on GitHub
  CPP AV/EDR Killer
  ☆480Nov 28, 2023Updated 2 years ago
• BlackSnufkin / BYOVD

  View on GitHub
  BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).
  ☆711Apr 12, 2026Updated 3 weeks ago
• 0x3rhy / BypassCredGuard-BOF

  View on GitHub
  BypassCredGuard CS BOF
  ☆53Jan 23, 2025Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated last year
• senzee1984 / InflativeLoading

  View on GitHub
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆328Apr 12, 2024Updated 2 years ago
• M0nster3 / ITaskServers

  View on GitHub
  Bypass EDR Create TaskServers
  ☆39Dec 24, 2022Updated 3 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆379Apr 19, 2023Updated 3 years ago
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆48Jan 8, 2025Updated last year
• nick-frischkorn / SuspendEventLogBOF

  View on GitHub
  Beacon Object File to locate and suspend the threads hosting the Event Log service
  ☆29Jun 17, 2022Updated 3 years ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆66Mar 19, 2024Updated 2 years ago
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆467Aug 2, 2024Updated last year
• ZeroMemoryEx / Overlord

  View on GitHub
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆83May 23, 2023Updated 2 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• myzxcg / RealBlindingEDR

  View on GitHub
  Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…
  ☆1,318Jun 21, 2024Updated last year
• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆695Oct 23, 2024Updated last year
• Cipher7 / ChaiLdr

  View on GitHub
  AV bypass while you sip your Chai!
  ☆222May 17, 2024Updated last year
• Octoberfest7 / CVE-2023-36874_BOF

  View on GitHub
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆206Aug 25, 2023Updated 2 years ago
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆406Mar 28, 2024Updated 2 years ago
• YOLOP0wn / EchoDrv

  View on GitHub
  Exploitation of echo_driver.sys
  ☆170Sep 16, 2023Updated 2 years ago
• pwardle / ReflectiveLoader

  View on GitHub
  A Reflective Loader for macOS
  ☆149Jul 20, 2025Updated 9 months ago
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆286Apr 17, 2023Updated 3 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• AlteredSecurity / Disable-TamperProtection

  View on GitHub
  A POC to disable TamperProtection and other Defender / MDE components
  ☆256Jun 6, 2024Updated last year
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• whokilleddb / ETWListicle

  View on GitHub
  List the ETW provider(s) in the registration table of a process.
  ☆82Sep 20, 2023Updated 2 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆449Dec 21, 2023Updated 2 years ago
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• CognisysGroup / SweetDreams

  View on GitHub
  Implementation of Advanced Module Stomping and Heap/Stack Encryption
  ☆226Jul 25, 2023Updated 2 years ago
• YOLOP0wn / CheckDrivers

  View on GitHub
  ☆12Sep 13, 2023Updated 2 years ago
• CUHKJason / BOF-klist

  View on GitHub
  A simple BOF implementation of klist using Windows API
  ☆32Jul 7, 2022Updated 3 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆687Aug 15, 2025Updated 8 months ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Tw1sm / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆232Dec 3, 2025Updated 5 months ago
• ElliotKillick / LdrLockLiberator

  View on GitHub
  For when DLLMain is the only way
  ☆431Oct 29, 2024Updated last year
• jsecu / ModTask

  View on GitHub
  ☆52Mar 30, 2026Updated last month
• scrt / KexecDDPlus

  View on GitHub
  Exploiting the KsecDD Windows driver through Server Silos
  ☆79Nov 11, 2024Updated last year
• senzee1984 / MutationGate

  View on GitHub
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆281Apr 10, 2024Updated 2 years ago
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆105Nov 7, 2025Updated 5 months ago
• EspressoCake / Defender-Exclusions-Creator-BOF

  View on GitHub
  ☆83Nov 1, 2023Updated 2 years ago