Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
☆82Jul 25, 2025Updated 9 months ago
Alternatives and similar repositories for BYOVDFinder
Users that are interested in BYOVDFinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- A C++/Asm template for PIC/EXE/DLL malware☆24Aug 12, 2025Updated 8 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 7 months ago
- ☆39Mar 28, 2025Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Extra cmdlets to help with quering security related information from Azure☆15Sep 16, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Mythic C2 Agent written in x64 PIC C☆87Jan 29, 2025Updated last year
- remote process injections using pool party techniques☆71Jun 29, 2025Updated 10 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆191Jan 17, 2026Updated 3 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆17Jun 3, 2025Updated 11 months ago
- ☆19Sep 17, 2025Updated 7 months ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆132Dec 24, 2025Updated 4 months ago
- ☆39Jan 7, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A C# implementation that disables Windows Firewall bypassing UAC☆18Oct 23, 2024Updated last year
- Dump LSASS by spoofing command line arguments to procdump.☆20Oct 21, 2024Updated last year
- ☆50Dec 5, 2025Updated 4 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…☆34Jul 5, 2025Updated 9 months ago
- A PoC for Early Cascade process injection technique.☆216Jan 30, 2025Updated last year
- Adversary Emulation Framework☆130Jul 1, 2025Updated 10 months ago
- One-header configurable C++20 COFF loader☆20Jul 21, 2025Updated 9 months ago
- ☆132Jan 23, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …☆28Aug 2, 2024Updated last year
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆146Jul 2, 2025Updated 10 months ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- ☆62Feb 12, 2026Updated 2 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 9 months ago
- ☆136Feb 11, 2025Updated last year
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆129Jan 26, 2026Updated 3 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆212Mar 10, 2024Updated 2 years ago
- shell code example☆68Dec 12, 2025Updated 4 months ago
- ☆34Mar 19, 2025Updated last year
- A chrome extension that shows the time but steals the cookies in the back for demonstration purposes.☆24Mar 10, 2025Updated last year
- Creating them Golden Tickets☆14Aug 16, 2025Updated 8 months ago
- Azure Post Exploitation Framework☆246Oct 27, 2025Updated 6 months ago