bring your own vulnerable driver
☆113May 17, 2023Updated 2 years ago
Alternatives and similar repositories for BYOVDKit
Users that are interested in BYOVDKit are comparing it to the libraries listed below
Sorting:
- BypassCredGuard CS BOF☆49Jan 23, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).☆595Feb 24, 2026Updated last week
- ☆21Feb 22, 2025Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆76Nov 11, 2024Updated last year
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- CPP AV/EDR Killer☆480Nov 28, 2023Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆86Apr 15, 2025Updated 10 months ago
- Bypass EDR Create TaskServers☆39Dec 24, 2022Updated 3 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆82May 23, 2023Updated 2 years ago
- A POC to disable TamperProtection and other Defender / MDE components☆254Jun 6, 2024Updated last year
- ☆12Sep 13, 2023Updated 2 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- AV bypass while you sip your Chai!☆224May 17, 2024Updated last year
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆277Apr 17, 2023Updated 2 years ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆458Aug 2, 2024Updated last year
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆261Jun 29, 2024Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 9 months ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- ☆235Oct 8, 2024Updated last year
- ☆83Nov 1, 2023Updated 2 years ago
- For when DLLMain is the only way☆424Oct 29, 2024Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆298Jul 31, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- A Windows potato to privesc☆391Aug 26, 2024Updated last year
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,294Jun 21, 2024Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago