BYOVD: Use 360 WFP driver to block EDR/XDR network connection.
☆117Feb 10, 2026Updated 2 months ago
Alternatives and similar repositories for 360WFP_Exploit
Users that are interested in 360WFP_Exploit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 9 months ago
- Linux Shared Library to Shellcode Loader☆90Feb 15, 2026Updated 2 months ago
- Overview of MS Defender☆119Feb 20, 2026Updated last month
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆64Jun 23, 2025Updated 9 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆155Nov 23, 2025Updated 4 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆74Apr 13, 2025Updated last year
- DLL injection with Microsoft detours☆22Dec 9, 2025Updated 4 months ago
- Go-based C2 server inspired by Cobalt Strike; seamless agent control, web UI, and Malleable Profile support. Fast, extensible, and secure…☆30Updated this week
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆159Mar 26, 2025Updated last year
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 5 months ago
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆291Feb 21, 2026Updated last month
- CVE-2024-40711-exp☆43Oct 17, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Dumping LSASS Evaded Endpoint Security Solutions☆18Feb 15, 2025Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆150Apr 18, 2025Updated 11 months ago
- ☆127Sep 1, 2024Updated last year
- Monitoring tool to detect patterns or IOCs (strings, regex, VirusTotal) and alert you and your team via console, Telegram or SMS written …☆18Feb 17, 2026Updated last month
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆191Jan 17, 2026Updated 2 months ago
- ☆150Mar 22, 2024Updated 2 years ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Linux Process Injection via Seccomp Notifier☆85Dec 9, 2025Updated 4 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆190Jan 11, 2026Updated 3 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆13Dec 26, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆444Dec 21, 2023Updated 2 years ago
- Go实现用于Windows系统的进程隐藏工具,通过DLL注入技术将指定进程从任务管理器中隐藏☆26Jan 22, 2026Updated 2 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54May 12, 2025Updated 11 months ago
- "Service-less" driver loading☆185Nov 28, 2024Updated last year
- Lateral Movement Bof with MSI ODBC Driver Install☆148Sep 30, 2025Updated 6 months ago
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Remove WPP calls from hexrays decompiled code☆54Jan 31, 2026Updated 2 months ago
- Beacon Object File for Cobalt Strike that executes .NET assemblies in beacon with evasion techniques.☆187Dec 23, 2025Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- RunPE implementation with multiple evasive techniques (2)☆280Sep 25, 2025Updated 6 months ago
- ☆55May 31, 2025Updated 10 months ago
- early cascade injection PoC based on Outflanks blog post☆241Nov 7, 2024Updated last year
- A Rust template for writing Beacon Object Files (BOFs)☆124Feb 11, 2026Updated 2 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- NSecSoftBYOVD POC☆58Feb 12, 2026Updated 2 months ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆114Jan 26, 2026Updated 2 months ago