Proof of concept on BYOVD attack
☆164 · Dec 7, 2024 · Updated last year
Alternatives and similar repositories for Reaper
Users that are interested in Reaper are comparing it to the libraries listed below.
- ☆60 · Dec 15, 2023 · Updated 2 years ago
- C# AV/EDR Killer using less-known driver (BYOVD) ☆186 · Nov 10, 2023 · Updated 2 years ago
- Terminate AV/EDR leveraging BYOVD attack ☆104 · Mar 21, 2025 · Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. ☆293 · May 27, 2024 · Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver ☆353 · Jun 12, 2023 · Updated 3 years ago
- An interactive shell to spoof some LOLBins command line ☆187 · Jan 27, 2024 · Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆146 · Dec 16, 2023 · Updated 2 years ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes. ☆410 · Mar 16, 2026 · Updated 2 months ago
- Performing a BYOVD on the truesight.sys driver ☆46 · Dec 7, 2024 · Updated last year
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A… ☆301 · Feb 2, 2026 · Updated 4 months ago
- Detect which native Windows APIs (NtAPI) are being hooked ☆40 · Dec 7, 2024 · Updated last year
- ☆124 · Oct 9, 2023 · Updated 2 years ago
- Lateral Movement via the .NET Profiler ☆100 · Nov 21, 2024 · Updated last year
- Modify managed functions from unmanaged code ☆53 · Feb 1, 2024 · Updated 2 years ago
- Kill AV/EDR leveraging BYOVD attack ☆403 · Jul 11, 2023 · Updated 2 years ago
- ☆70 · Oct 30, 2023 · Updated 2 years ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub. ☆326 · Apr 12, 2024 · Updated 2 years ago
- Basic interactive Windows kernel offensive toolkit written in C ☆138 · Sep 20, 2025 · Updated 8 months ago
- Work, timer, and wait callback example using solely Native Windows APIs. ☆89 · Feb 11, 2024 · Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 · Jul 12, 2024 · Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project. ☆194 · Mar 4, 2024 · Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids ☆214 · Dec 14, 2023 · Updated 2 years ago
- Test a list of payloads and see if you can bypass it ☆64 · Jun 4, 2022 · Updated 4 years ago
- Exploitation of echo_driver.sys ☆170 · Sep 16, 2023 · Updated 2 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes ☆1,060 · Jun 20, 2023 · Updated 2 years ago
- kill anti-malware protected processes (BYOVD) ☆981 · Jul 21, 2023 · Updated 2 years ago
- Deobfuscation of XorStringsNet ☆13 · Nov 5, 2024 · Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end. ☆1,199 · Oct 16, 2023 · Updated 2 years ago
- Remote Shellcode Injector ☆221 · Aug 27, 2023 · Updated 2 years ago
- Bypass the Event Trace Windows (ETW) and unhook ntdll. ☆116 · Sep 29, 2023 · Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities ☆506 · Dec 19, 2023 · Updated 2 years ago
- Analyse your malware to surgically obfuscate it ☆535 · Dec 17, 2025 · Updated 5 months ago
- RDPCredentialStealer is an implant that steals credentials provided by users in RDP using API Hooking with Detours in C++ ☆264 · Mar 11, 2026 · Updated 3 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆443 · Jul 8, 2024 · Updated last year
- RunPE implementation with multiple evasive techniques (1) ☆385 · Sep 22, 2023 · Updated 2 years ago
- .net config loader ☆352 · Nov 9, 2023 · Updated 2 years ago
- C++ self-Injecting dropper based on various EDR evasion techniques. ☆436 · Feb 11, 2024 · Updated 2 years ago
- Execute shellcode files with rundll32 ☆222 · Jan 28, 2024 · Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe ☆244 · Nov 27, 2023 · Updated 2 years ago