Driver Reverse & Exploitation
☆82Sep 4, 2025Updated 6 months ago
Alternatives and similar repositories for BYOVD-DriverKiller
Users that are interested in BYOVD-DriverKiller are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆61Apr 13, 2025Updated 11 months ago
- Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75☆39Sep 16, 2025Updated 6 months ago
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆118Oct 30, 2025Updated 5 months ago
- All my POC related to malware development☆15Feb 19, 2026Updated last month
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files☆96Apr 2, 2025Updated 11 months ago
- ☆26Aug 11, 2025Updated 7 months ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆16Oct 25, 2024Updated last year
- A Reflective Loader for macOS☆148Jul 20, 2025Updated 8 months ago
- Windows Active DIrectory Pentesting documentation.☆19Jun 14, 2024Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆231Nov 6, 2025Updated 4 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆38Feb 20, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- ☆409Dec 8, 2024Updated last year
- Generate Proxy DLLs in Rust☆50Mar 2, 2026Updated 3 weeks ago
- Windows User-Mode Shellcode Development Framework (WUMSDF)☆130Nov 17, 2025Updated 4 months ago
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆80Jul 25, 2025Updated 8 months ago
- A bunch of shenanigans using functions, VEH and more☆38Jun 8, 2025Updated 9 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆47Jul 29, 2024Updated last year
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆93Jan 2, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆16Jun 15, 2025Updated 9 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆44Dec 7, 2024Updated last year
- ☆78Aug 1, 2023Updated 2 years ago
- the bear is an infostealer (grabber) malware written in C and assembly with the focus on evading detection.☆17Sep 8, 2024Updated last year
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Advanced Windows authentication token extraction and decryption tool for red team operations and security research☆89Dec 30, 2025Updated 3 months ago
- easy dll proxying in go☆14Apr 24, 2022Updated 3 years ago
- ☆39Nov 25, 2025Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A cross-platform tool to find traces of old SIDs remaining in LDAP objects of the Active Directory☆25Jun 29, 2025Updated 9 months ago
- UAC Bypass using UIAccess program QuickAssist☆224Nov 30, 2025Updated 3 months ago
- Exploits written while preparing for the OSED exam☆25Apr 30, 2024Updated last year
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- 无痕注入1☆11Jun 1, 2021Updated 4 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Feb 11, 2024Updated 2 years ago
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year