Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver
☆33 · Sep 15, 2025 · Updated 5 months ago
Alternatives and similar repositories for ValleyTerminator
Users that are interested in ValleyTerminator are comparing it to the libraries listed below
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration ☆54 · Feb 15, 2026 · Updated last week
- BYOVD hunter to help prioritize Windows drivers worth manual analysis ☆113 · Aug 19, 2025 · Updated 6 months ago
- Python port of Pipal for password analytics ☆22 · Oct 3, 2023 · Updated 2 years ago
- Avocado is a powerful C2 framework written in Python with stageless implants in Rust. Avocado's implant runs seamlessly on both Linux and… ☆27 · Feb 15, 2026 · Updated last week
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs. ☆132 · Sep 4, 2025 · Updated 5 months ago
- maldev obviously ☆28 · May 5, 2025 · Updated 9 months ago
- Learn MongoDB from absolute basics. ☆52 · Jan 16, 2026 · Updated last month
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems. ☆68 · Nov 15, 2025 · Updated 3 months ago
- Write-ups and proofs of concept of the design and implementation of various modern malware. ☆28 · Feb 22, 2023 · Updated 3 years ago
- A modern GoPhish fork with improved tracking accuracy and smarter detection. ☆83 · Feb 16, 2026 · Updated last week
- NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version ☆44 · Jul 16, 2024 · Updated last year
- A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe… ☆33 · Mar 5, 2025 · Updated 11 months ago
- SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and up… ☆262 · Feb 2, 2026 · Updated 3 weeks ago
- Alternative Read and Write primitives using Rtl* functions the unintended way. ☆78 · Aug 25, 2025 · Updated 6 months ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific… ☆100 · Feb 14, 2026 · Updated last week
- Disable Kernel DMA Protection on Windows 11 via pre-boot DMA attack ☆41 · Aug 18, 2025 · Updated 6 months ago
- Direct access to NTFS volumes ☆292 · Sep 9, 2025 · Updated 5 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD ☆49 · Mar 10, 2025 · Updated 11 months ago
- 🌀 an Interactive Terminal for AI (interminai) - A PTY proxy enabling AI interaction with interactive CLI applications like vim, git reba… ☆40 · Feb 9, 2026 · Updated 2 weeks ago
- Regex-based secret scanner for SCCM deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for… ☆18 · Aug 13, 2025 · Updated 6 months ago
- NTAPI hook bypass with (semi) legit stack trace ☆19 · May 9, 2023 · Updated 2 years ago
- ☆10 · Mar 11, 2024 · Updated last year
- Help red teams find opsec processes during engagements ☆42 · Dec 7, 2024 · Updated last year
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality. ☆295 · Nov 1, 2025 · Updated 3 months ago
- An Ansible collection that installs an ADFS deployment with optional configurations. ☆44 · Dec 19, 2025 · Updated 2 months ago
- Convert .reg to registry hive and reciprocally, without elevation ☆82 · Feb 18, 2026 · Updated last week
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike ☆185 · Oct 29, 2025 · Updated 3 months ago
- a demo module for the kaine agent to execute and inject assembly modules ☆41 · Aug 28, 2024 · Updated last year
- Open Source C&C Specification ☆277 · Feb 28, 2025 · Updated 11 months ago
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state. ☆804 · Nov 1, 2025 · Updated 3 months ago
- Analysis of techniques used by Conti ransomware affiliates from their leaked manuals. ☆19 · Aug 29, 2021 · Updated 4 years ago
- syscall hijacking in 2019 ☆13 · Feb 25, 2019 · Updated 7 years ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow ☆18 · Jun 26, 2025 · Updated 7 months ago
- API tool for hashes.com escrow ☆12 · Dec 13, 2025 · Updated 2 months ago
- Burp extension to decode NTLM SSP headers and extract domain/host information ☆11 · Mar 25, 2021 · Updated 4 years ago
- A C# PE loader for x64 and x86 PE files. ☆44 · Feb 6, 2026 · Updated 2 weeks ago
- C programs for sockets, reverse shell, shellcode execution, and process injection. ☆25 · Dec 10, 2025 · Updated 2 months ago
- C++ keylogger to save all the keys pressed into a local txt file ☆11 · Apr 6, 2023 · Updated 2 years ago
- This repository is to provide a write-up and PoC for CVE-2023-41717. ☆12 · Aug 31, 2023 · Updated 2 years ago