Alternatives and similar repositories for BadRentdrv2

Users that are interested in BadRentdrv2 are comparing it to the libraries listed below

• YOLOP0wn / CheckDrivers

  View on GitHub
  ☆12Sep 13, 2023Updated 2 years ago
• lem0nSec / Alcatraz

  View on GitHub
  An example of Windows self-replicating malware.
  ☆11Jan 16, 2023Updated 3 years ago
• xalicex / Killers

  View on GitHub
  Exploitation of process killer drivers
  ☆202Oct 17, 2023Updated 2 years ago
• MaorSabag / TrueSightKiller

  View on GitHub
  CPP AV/EDR Killer
  ☆473Nov 28, 2023Updated 2 years ago
• MaorSabag / fileSearcher

  View on GitHub
  A simple BOF (Beacon Object File) to search files in the system
  ☆15Dec 2, 2023Updated 2 years ago
• Hagrid29 / BYOVDKit

  View on GitHub
  bring your own vulnerable driver
  ☆112May 17, 2023Updated 2 years ago
• ph4nt0mbyt3 / Darkside

  View on GitHub
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆185Nov 10, 2023Updated 2 years ago
• waawaa / breakcyserver

  View on GitHub
  ☆51Aug 23, 2022Updated 3 years ago
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆457Aug 2, 2024Updated last year
• BlackSnufkin / GhostDriver

  View on GitHub
  yet another AV killer tool using BYOVD
  ☆304Dec 12, 2023Updated 2 years ago
• 0prrr / Malwear-Sweet

  View on GitHub
  Malware?
  ☆76Oct 26, 2025Updated 3 months ago
• deepinstinct / ShimMe

  View on GitHub
  ☆147Oct 29, 2024Updated last year
• MalwareTech / EDR-Preloader

  View on GitHub
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆539Feb 13, 2024Updated 2 years ago
• YOLOP0wn / EchoDrv

  View on GitHub
  Exploitation of echo_driver.sys
  ☆170Sep 16, 2023Updated 2 years ago
• Crowdfense / CVE-2024-21338

  View on GitHub
  Windows AppLocker Driver (appid.sys) LPE
  ☆73Jul 29, 2024Updated last year
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆245Sep 8, 2024Updated last year
• amjcyber / EDRNoiseMaker

  View on GitHub
  Detect WFP filters blocking EDR communications
  ☆96Jan 5, 2024Updated 2 years ago
• antonioCoco / SspiUacBypass

  View on GitHub
  Bypassing UAC with SSPI Datagram Contexts
  ☆460Sep 24, 2023Updated 2 years ago
• Meckazin / ChromeKatz

  View on GitHub
  Dump cookies and credentials directly from Chrome/Edge process memory
  ☆1,401Jan 19, 2026Updated 3 weeks ago
• CICADA8-Research / TypeLibWalker

  View on GitHub
  TypeLib persistence technique
  ☆139Oct 22, 2024Updated last year
• zer0condition / NVDrv

  View on GitHub
  Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.
  ☆277Aug 25, 2023Updated 2 years ago
• Kr0ff / WinMalDev

  View on GitHub
  Various methods of executing shellcode
  ☆74Mar 27, 2023Updated 2 years ago
• klezVirus / DriverJack

  View on GitHub
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆358Aug 11, 2024Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆271Apr 17, 2023Updated 2 years ago
• DebugST / STPortScanner

  View on GitHub
  [端口扫描器] 采用.NET开发的端口扫描器 支持端口协议探测 内置多种类型扫描器 TCP/UDP/SYN/SMB/ICMP 等 采用IOCP模型开发 性能表现不错 可视为轻量级NMAP
  ☆37Mar 19, 2021Updated 4 years ago
• SafeBreach-Labs / PoolParty

  View on GitHub
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,243Dec 11, 2023Updated 2 years ago
• myzxcg / RealBlindingEDR

  View on GitHub
  Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…
  ☆1,289Jun 21, 2024Updated last year
• SafeBreach-Labs / MagicDot

  View on GitHub
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆107Apr 18, 2024Updated last year
• brosck / Reaper

  View on GitHub
  「💀」Proof of concept on BYOVD attack
  ☆165Dec 7, 2024Updated last year
• naksyn / DojoLoader

  View on GitHub
  Generic PE loader for fast prototyping evasion techniques
  ☆244Jul 2, 2024Updated last year
• netero1010 / EDRSilencer

  View on GitHub
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,813Nov 3, 2024Updated last year
• wwh1004 / AmsiBypassUacDetector

  View on GitHub
  Detect BypassUAC using AMSI
  ☆29Feb 18, 2025Updated 11 months ago
• chainloaded / Kernel-HTTP-Client

  View on GitHub
  Minimalistic HTTP(S) client for the NT kernel
  ☆61Dec 1, 2025Updated 2 months ago
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• vxCrypt0r / Voidgate

  View on GitHub
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆591Jun 12, 2024Updated last year
• oldboy21 / SWAPPALA

  View on GitHub
  In-memory hiding technique
  ☆63Jan 5, 2025Updated last year
• zerozenxlabs / CVE-2023-36424

  View on GitHub
  Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
  ☆128Mar 22, 2024Updated last year
• thiagopeixoto / winsos-poc

  View on GitHub
  A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
  ☆111Mar 10, 2024Updated last year
• ZeroMemoryEx / Terminator

  View on GitHub
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆1,040Jun 20, 2023Updated 2 years ago