Proof of concept on BYOVD attack
★ 166, Dec 7, 2024, updated last year
Alternatives and similar repositories for Reaper
Users that are interested in Reaper are comparing it to the libraries listed below
- C# AV/EDR Killer using less-known driver (BYOVD) (★ 185, Nov 10, 2023, updated 2 years ago)
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. (★ 289, May 27, 2024, updated last year)
- An interactive shell to spoof some LOLBins command line (★ 188, Jan 27, 2024, updated 2 years ago)
- (★ 60, Dec 15, 2023, updated 2 years ago)
- Terminate AV/EDR leveraging BYOVD attack (★ 104, Mar 21, 2025, updated 11 months ago)
- Terminate AV/EDR Processes using kernel driver (★ 352, Jun 12, 2023, updated 2 years ago)
- A variation of ProcessOverwriting to execute shellcode on an executable's section (★ 148, Dec 16, 2023, updated 2 years ago)
- Lateral Movement via the .NET Profiler (★ 100, Nov 21, 2024, updated last year)
- (★ 123, Oct 9, 2023, updated 2 years ago)
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub. (★ 325, Apr 12, 2024, updated last year)
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes. (★ 407, Aug 22, 2023, updated 2 years ago)
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless (★ 39, Jul 12, 2024, updated last year)
- RDPCredentialStealer is malware that steals credentials provided by users in RDP using API hooking with Detours in C++ (★ 260, Jun 14, 2023, updated 2 years ago)
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A… (★ 301, Feb 2, 2026, updated last month)
- Modify managed functions from unmanaged code (★ 53, Feb 1, 2024, updated 2 years ago)
- Work, timer, and wait callback example using solely Native Windows APIs. (★ 88, Feb 11, 2024, updated 2 years ago)
- An App Domain Manager Injection DLL PoC on steroids (★ 212, Dec 14, 2023, updated 2 years ago)
- Kill AV/EDR leveraging BYOVD attack (★ 391, Jul 11, 2023, updated 2 years ago)
- RunPE implementation with multiple evasive techniques (1) (★ 382, Sep 22, 2023, updated 2 years ago)
- Source generator to add D/Invoke and indirect syscall methods to a C# project. (★ 190, Mar 4, 2024, updated last year)
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. (★ 443, Jul 8, 2024, updated last year)
- Remote Shellcode Injector (★ 220, Aug 27, 2023, updated 2 years ago)
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre) (★ 261, Jun 29, 2024, updated last year)
- Basic interactive Windows kernel offensive toolkit written in C (★ 137, Sep 20, 2025, updated 5 months ago)
- Automated DLL Sideloading Tool With EDR Evasion Capabilities (★ 503, Dec 19, 2023, updated 2 years ago)
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes (★ 1,040, Jun 20, 2023, updated 2 years ago)
- .net config loader (★ 348, Nov 9, 2023, updated 2 years ago)
- yet another sleep encryption thing. also used the default github repo name for this one. (★ 69, May 11, 2023, updated 2 years ago)
- Identify and exploit leaked handles for local privilege escalation. (★ 111, Jun 19, 2023, updated 2 years ago)
- Analyse your malware to surgically obfuscate it (★ 519, Dec 17, 2025, updated 2 months ago)
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… (★ 63, Feb 11, 2024, updated 2 years ago)
- kill anti-malware protected processes ( BYOVD ) (★ 968, Jul 21, 2023, updated 2 years ago)
- (★ 301, Oct 29, 2024, updated last year)
- C++ self-Injecting dropper based on various EDR evasion techniques. (★ 427, Feb 11, 2024, updated 2 years ago)
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… (★ 283, Sep 18, 2024, updated last year)
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr… (★ 183, Feb 2, 2026, updated last month)
- (★ 70, Oct 30, 2023, updated 2 years ago)
- (★ 223, Mar 10, 2024, updated last year)
- (★ 163, Oct 25, 2023, updated 2 years ago)