Proof of concept on BYOVD attack
★166 · Dec 7, 2024 · Updated last year
Alternatives and similar repositories for Reaper
Users that are interested in Reaper are comparing it to the libraries listed below.
- ★60 · Dec 15, 2023 · Updated 2 years ago
- C# AV/EDR Killer using less-known driver (BYOVD) ★185 · Nov 10, 2023 · Updated 2 years ago
- Terminate AV/EDR leveraging BYOVD attack ★103 · Mar 21, 2025 · Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. ★291 · May 27, 2024 · Updated last year
- Terminate AV/EDR Processes using kernel driver ★354 · Jun 12, 2023 · Updated 2 years ago
- An interactive shell to spoof some LOLBins command line ★188 · Jan 27, 2024 · Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section ★148 · Dec 16, 2023 · Updated 2 years ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes. ★410 · Mar 16, 2026 · Updated 3 weeks ago
- Performing a BYOVD on the truesight.sys driver ★45 · Dec 7, 2024 · Updated last year
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A… ★302 · Feb 2, 2026 · Updated 2 months ago
- Detect which native Windows APIs (NtAPI) are being hooked ★39 · Dec 7, 2024 · Updated last year
- ★124 · Oct 9, 2023 · Updated 2 years ago
- Lateral Movement via the .NET Profiler ★100 · Nov 21, 2024 · Updated last year
- Modify managed functions from unmanaged code ★53 · Feb 1, 2024 · Updated 2 years ago
- Kill AV/EDR leveraging BYOVD attack ★397 · Jul 11, 2023 · Updated 2 years ago
- ★70 · Oct 30, 2023 · Updated 2 years ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub. ★328 · Apr 12, 2024 · Updated 2 years ago
- Basic interactive Windows kernel offensive toolkit written in C ★136 · Sep 20, 2025 · Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs. ★88 · Feb 11, 2024 · Updated 2 years ago
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless ★39 · Jul 12, 2024 · Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project. ★192 · Mar 4, 2024 · Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids ★213 · Dec 14, 2023 · Updated 2 years ago
- Test a list of payloads and see if you can bypass it ★62 · Jun 4, 2022 · Updated 3 years ago
- Exploitation of echo_driver.sys ★170 · Sep 16, 2023 · Updated 2 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes ★1,050 · Jun 20, 2023 · Updated 2 years ago
- Kill anti-malware protected processes (BYOVD) ★973 · Jul 21, 2023 · Updated 2 years ago
- Deobfuscation of XorStringsNet ★14 · Nov 5, 2024 · Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end. ★1,198 · Oct 16, 2023 · Updated 2 years ago
- Remote Shellcode Injector ★221 · Aug 27, 2023 · Updated 2 years ago
- Bypass the Event Trace Windows (ETW) and unhook ntdll. ★116 · Sep 29, 2023 · Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities ★506 · Dec 19, 2023 · Updated 2 years ago
- Analyse your malware to surgically obfuscate it ★527 · Dec 17, 2025 · Updated 3 months ago
- RDPCredentialStealer is an implant that steals credentials provided by users in RDP using API Hooking with Detours in C++ ★267 · Mar 11, 2026 · Updated last month
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ★445 · Jul 8, 2024 · Updated last year
- RunPE implementation with multiple evasive techniques (1) ★384 · Sep 22, 2023 · Updated 2 years ago
- C++ self-Injecting dropper based on various EDR evasion techniques. ★427 · Feb 11, 2024 · Updated 2 years ago
- .net config loader ★349 · Nov 9, 2023 · Updated 2 years ago
- Execute shellcode files with rundll32 ★218 · Jan 28, 2024 · Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe ★244 · Nov 27, 2023 · Updated 2 years ago