Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
☆82Jul 25, 2025Updated 9 months ago
Alternatives and similar repositories for BYOVDFinder
Users that are interested in BYOVDFinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- A C++/Asm template for PIC/EXE/DLL malware☆25Aug 12, 2025Updated 9 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 8 months ago
- ☆39Mar 28, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Extra cmdlets to help with quering security related information from Azure☆15Sep 16, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Mythic C2 Agent written in x64 PIC C☆87Jan 29, 2025Updated last year
- remote process injections using pool party techniques☆71Jun 29, 2025Updated 10 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆192Jan 17, 2026Updated 4 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆18Jun 3, 2025Updated 11 months ago
- ☆19Sep 17, 2025Updated 8 months ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆131Dec 24, 2025Updated 5 months ago
- ☆39Jan 7, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A C# implementation that disables Windows Firewall bypassing UAC☆18Oct 23, 2024Updated last year
- Dump LSASS by spoofing command line arguments to procdump.☆20Oct 21, 2024Updated last year
- ☆50Dec 5, 2025Updated 5 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…☆34Jul 5, 2025Updated 10 months ago
- A PoC for Early Cascade process injection technique.☆216Jan 30, 2025Updated last year
- Adversary Emulation Framework☆131Jul 1, 2025Updated 10 months ago
- One-header configurable C++20 COFF loader☆20Jul 21, 2025Updated 10 months ago
- ☆133Jan 23, 2025Updated last year
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated 2 years ago
- An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …☆30Aug 2, 2024Updated last year
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆149Jul 2, 2025Updated 10 months ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- ☆62Feb 12, 2026Updated 3 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 10 months ago
- ☆136Feb 11, 2025Updated last year
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆134Jan 26, 2026Updated 3 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆213Mar 10, 2024Updated 2 years ago
- ☆34Mar 19, 2025Updated last year
- A chrome extension that shows the time but steals the cookies in the back for demonstration purposes.☆24Mar 10, 2025Updated last year
- Creating them Golden Tickets☆14Aug 16, 2025Updated 9 months ago
- Azure Post Exploitation Framework☆247Oct 27, 2025Updated 6 months ago
- shell code example☆69Dec 12, 2025Updated 5 months ago