Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
☆81Jul 25, 2025Updated 8 months ago
Alternatives and similar repositories for BYOVDFinder
Users that are interested in BYOVDFinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- A C++/Asm template for PIC/EXE/DLL malware☆24Aug 12, 2025Updated 8 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 7 months ago
- ☆38Mar 28, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Extra cmdlets to help with quering security related information from Azure☆15Sep 16, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Mythic C2 Agent written in x64 PIC C☆87Jan 29, 2025Updated last year
- remote process injections using pool party techniques☆71Jun 29, 2025Updated 9 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆191Jan 17, 2026Updated 2 months ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆132Dec 24, 2025Updated 3 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆16Jun 3, 2025Updated 10 months ago
- ☆19Sep 17, 2025Updated 6 months ago
- ☆39Jan 7, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A C# implementation that disables Windows Firewall bypassing UAC☆17Oct 23, 2024Updated last year
- Dump LSASS by spoofing command line arguments to procdump.☆20Oct 21, 2024Updated last year
- ☆48Dec 5, 2025Updated 4 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…☆34Jul 5, 2025Updated 9 months ago
- A PoC for Early Cascade process injection technique.☆215Jan 30, 2025Updated last year
- Adversary Emulation Framework☆129Jul 1, 2025Updated 9 months ago
- One-header configurable C++20 COFF loader☆19Jul 21, 2025Updated 8 months ago
- ☆128Jan 23, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆111Jan 26, 2026Updated 2 months ago
- An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …☆27Aug 2, 2024Updated last year
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆143Jul 2, 2025Updated 9 months ago
- ☆62Feb 12, 2026Updated 2 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 8 months ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- ☆136Feb 11, 2025Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆210Mar 10, 2024Updated 2 years ago
- ☆34Mar 19, 2025Updated last year
- shell code example☆68Dec 12, 2025Updated 4 months ago
- A chrome extension that shows the time but steals the cookies in the back for demonstration purposes.☆24Mar 10, 2025Updated last year
- Creating them Golden Tickets☆14Aug 16, 2025Updated 7 months ago
- Azure Post Exploitation Framework☆246Oct 27, 2025Updated 5 months ago