ghostbyt3/BYOVDFinder external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ghostbyt3/BYOVDFinder

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ghostbyt3/BYOVDFinder)

Close

ghostbyt3 / BYOVDFinderView on GitHubMore

• External links
• Readme badge

Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.

☆84Jul 25, 2025Updated 10 months ago

Alternatives and similar repositories for BYOVDFinder

Users that are interested in BYOVDFinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Faran-17 / Hellshazzard

  View on GitHub
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Aug 13, 2024Updated last year
• 0x3rhy / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆13Feb 4, 2024Updated 2 years ago
• NioZow / Imperium

  View on GitHub
  A C++/Asm template for PIC/EXE/DLL malware
  ☆24Aug 12, 2025Updated 10 months ago
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆74Sep 9, 2025Updated 9 months ago
• xelemental / Mal-LNK-Generator

  View on GitHub
  ☆39Mar 28, 2025Updated last year
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• 0xJs / AzurePowerCommands

  View on GitHub
  Extra cmdlets to help with quering security related information from Azure
  ☆15Sep 16, 2024Updated last year
• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION

  View on GitHub
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆18Oct 31, 2024Updated last year
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆85Jan 29, 2025Updated last year
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆70Jun 29, 2025Updated 11 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆189Jan 17, 2026Updated 4 months ago
• PhantomSecurityGroup / Intro-to-EDR-Evasion

  View on GitHub
  CyberShield 2025 Intro to EDR Evasion Class
  ☆18Jun 3, 2025Updated last year
• rbmm / TL-TASK

  View on GitHub
  ☆19Sep 17, 2025Updated 8 months ago
• m3rcer / IRvana

  View on GitHub
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆134Dec 24, 2025Updated 5 months ago
• xpn / adfstoolkit

  View on GitHub
  ☆39Jan 7, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• leftp / FirewallMoniker

  View on GitHub
  A C# implementation that disables Windows Firewall bypassing UAC
  ☆18Oct 23, 2024Updated last year
• djackreuter / proc_noprocdump

  View on GitHub
  Dump LSASS by spoofing command line arguments to procdump.
  ☆20Oct 21, 2024Updated last year
• grayhatkiller / wambam-bof

  View on GitHub
  ☆50Dec 5, 2025Updated 6 months ago
• zero2504 / FrostLock-Injection

  View on GitHub
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆44Apr 6, 2025Updated last year
• LuemmelSec / P4wnP1_aloa

  View on GitHub
  P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…
  ☆34Jul 5, 2025Updated 11 months ago
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆216Jan 30, 2025Updated last year
• gsmith257-cyber / better-sliver

  View on GitHub
  Adversary Emulation Framework
  ☆130Jul 1, 2025Updated 11 months ago
• dr4ndrei / OHFFLdr

  View on GitHub
  One-header configurable C++20 COFF loader
  ☆21Jul 21, 2025Updated 10 months ago
• FalconForceTeam / bof-winrm-client

  View on GitHub
  ☆133Jan 23, 2025Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Hubbl3 / ThreatCheck

  View on GitHub
  Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
  ☆11May 17, 2024Updated 2 years ago
• rtecCyberSec / SpeechRuntimeMove

  View on GitHub
  Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking
  ☆149Jul 2, 2025Updated 11 months ago
• Tylous / File-Smuggling

  View on GitHub
  HTML smuggling is not an evil, it can be useful
  ☆14Jan 28, 2023Updated 3 years ago
• nettitude / ElephantPoint

  View on GitHub
  ☆62Feb 12, 2026Updated 4 months ago
• decoder-it / ChgPass

  View on GitHub
  ☆136Feb 11, 2025Updated last year
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆158Jul 23, 2025Updated 10 months ago
• praetorian-inc / swarmer

  View on GitHub
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆138Jan 26, 2026Updated 4 months ago
• outflanknl / Training-MSOfficeOffensiveTradecraft

  View on GitHub
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52May 16, 2024Updated 2 years ago
• T3nb3w / ComDotNetExploit

  View on GitHub
  A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …
  ☆335Mar 6, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• MzHmO / Parasite-Invoke

  View on GitHub
  Hide your P/Invoke signatures through other people's signed assemblies
  ☆213Mar 10, 2024Updated 2 years ago
• smokeme / asar-backdoor

  View on GitHub
  ☆34Mar 19, 2025Updated last year
• lowlevel01 / timelyTheft

  View on GitHub
  A chrome extension that shows the time but steals the cookies in the back for demonstration purposes.
  ☆24Mar 10, 2025Updated last year
• NEED-Programming / Golden-Ticket

  View on GitHub
  Creating them Golden Tickets
  ☆14Aug 16, 2025Updated 9 months ago
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆247Oct 27, 2025Updated 7 months ago
• rbmm / SC

  View on GitHub
  shell code example
  ☆69Dec 12, 2025Updated 6 months ago
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆270Apr 8, 2025Updated last year