nickvangilder/To-Safe-Mode-And-Beyond external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

nickvangilder/To-Safe-Mode-And-Beyond

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nickvangilder/To-Safe-Mode-And-Beyond)

Close

nickvangilder / To-Safe-Mode-And-BeyondView on GitHubMore

• External links
• Readme badge

A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into Normal Mode.

☆16Nov 6, 2021Updated 4 years ago

Alternatives and similar repositories for To-Safe-Mode-And-Beyond

Users that are interested in To-Safe-Mode-And-Beyond are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• JamesCooteUK / BOFs

  View on GitHub
  Collection of BOFs for Cobalt Strike
  ☆32Mar 28, 2023Updated 3 years ago
• asaurusrex / Rubicon

  View on GitHub
  Caesar-Cipher based encryption
  ☆29Mar 1, 2021Updated 5 years ago
• MrDomainAdmin / LyinEagle

  View on GitHub
  Python C2 with JScript Implant
  ☆15Nov 15, 2023Updated 2 years ago
• p0dalirius / FindProcessesWithNamedPipes

  View on GitHub
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆40Mar 6, 2025Updated last year
• plackyhacker / PowerGhost

  View on GitHub
  A custom run space to bypass AMSI and Constrained Language mode in PowerShell.
  ☆21May 17, 2023Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆147Nov 15, 2023Updated 2 years ago
• timwhitez / JmpUnhook

  View on GitHub
  Ntdll Unhooking POC
  ☆19Aug 12, 2022Updated 3 years ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• EspressoCake / DLL_Version_Enumeration_BOF

  View on GitHub
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆16Nov 23, 2021Updated 4 years ago
• sliverarmory / injectAmsiBypass

  View on GitHub
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆49Dec 31, 2021Updated 4 years ago
• RedSiege / SharpCollectionTemplate

  View on GitHub
  ☆14Sep 26, 2023Updated 2 years ago
• frkngksl / ParallelNimcalls

  View on GitHub
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Jan 14, 2022Updated 4 years ago
• xoreaxecx / PEmimic

  View on GitHub
  A PE morphing tool that allows you to mimic one executable file to another.
  ☆11Dec 6, 2023Updated 2 years ago
• LazyTitan33 / DomainPasswordSpray

  View on GitHub
  DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…
  ☆14Jul 16, 2025Updated 8 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• RiccardoAncarani / talks

  View on GitHub
  ☆43Jul 6, 2022Updated 3 years ago
• X-C3LL / wfp-reader

  View on GitHub
  Proof of concept - Covert Channel using Windows Filtering Platform (C#)
  ☆21Aug 29, 2021Updated 4 years ago
• BlackSnufkin / Invoke-DumpMDEConfig

  View on GitHub
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆155Jun 10, 2024Updated last year
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆74Sep 9, 2025Updated 6 months ago
• 0xthirteen / FileWriter

  View on GitHub
  .NET project for writing files to local or remote hosts
  ☆43Jan 27, 2020Updated 6 years ago
• N4kedTurtle / LocalDllParse

  View on GitHub
  ☆53Nov 11, 2021Updated 4 years ago
• slyd0g / SharpCryptUnprotectData

  View on GitHub
  ☆15Feb 9, 2022Updated 4 years ago
• danielwolfman / Invoke-WordThief

  View on GitHub
  This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.doc…
  ☆33Jul 24, 2020Updated 5 years ago
• TheWover / ProcessManager

  View on GitHub
  ps-like .NET Assembly for enumerating processes on the current machine or a remote machine.
  ☆13Aug 12, 2019Updated 6 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• frkngksl / NiCOFF

  View on GitHub
  COFF and BOF Loader written in Nim
  ☆174Aug 1, 2022Updated 3 years ago
• ByteJunkies-co-uk / Metsubushi

  View on GitHub
  Generate droppers with encrypted payloads automatically.
  ☆54Nov 16, 2021Updated 4 years ago
• thiagomayllart / DarkMelkor

  View on GitHub
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆28Sep 8, 2021Updated 4 years ago
• EncodeGroup / AggressiveGadgetToJScript

  View on GitHub
  A Cobalt Strike Aggressor script to generate GadgetToJScript payloads
  ☆101Sep 30, 2020Updated 5 years ago
• RedSiege / What-The-F

  View on GitHub
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Jun 25, 2024Updated last year
• SecurityJosh / MuteSysmon

  View on GitHub
  A PowerShell script to prevent Sysmon from writing its events
  ☆17Apr 23, 2020Updated 5 years ago
• exploitblizzard / Syscall-Example

  View on GitHub
  Using syscall to load shellcode, Evasion techniques
  ☆27Jul 18, 2021Updated 4 years ago
• x42en / sysplant

  View on GitHub
  Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP
  ☆127Mar 19, 2026Updated last week
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆258May 10, 2023Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• leoloobeek / keyring

  View on GitHub
  Proper Payload Protection Prevents Poor Performance
  ☆76Jul 27, 2022Updated 3 years ago
• puzzlepeaches / peas

  View on GitHub
  Modified version of PEAS client for offensive operations
  ☆16Mar 8, 2021Updated 5 years ago
• rvrsh3ll / RuralBishop

  View on GitHub
  D/Invoke port of UrbanBishop
  ☆30Dec 13, 2020Updated 5 years ago
• Wenzel / vid-sys

  View on GitHub
  Rust unsafe bindings for Vid API (Hyper-V)
  ☆23Feb 23, 2025Updated last year
• dsnezhkov / cflsh

  View on GitHub
  CloudFlare Worker Shell
  ☆14Aug 29, 2020Updated 5 years ago
• ajpc500 / RelayRumbler

  View on GitHub
  A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.
  ☆17Jul 2, 2021Updated 4 years ago
• EncodeGroup / AggressorScripts

  View on GitHub
  Simple Aggressor Scripts for Cobalt Strike
  ☆13Sep 24, 2020Updated 5 years ago