Alternatives and similar repositories for byovd-watchdog

Users that are interested in byovd-watchdog are comparing it to the libraries listed below

• Kudaes / CustomEntryPoint
  Select any exported function in a dll as the new dll's entry point.
  ☆82Updated 11 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆73Updated 6 months ago
• xalicex / LOLDrivers_finder
  ☆87Updated 2 years ago
• Wh04m1001 / CVE-2023-36723
  ☆67Updated last year
• smokeme / asar-backdoor
  ☆32Updated 6 months ago
• cbwang505 / FilesystemEoPDesktopSystemShell
  Folder Or File Delete to Get System Shell on Current Session Desktop
  ☆45Updated 8 months ago
• lap1nou / CLR_Heap_encryption
  ☆100Updated 2 years ago
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆75Updated last year
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆37Updated 2 years ago
• Wh04m1001 / UserManagerEoP
  ☆81Updated last year
• 0xDeku / NiceKatz
  A nice process dumping tool
  ☆82Updated 3 years ago
• SafeBreach-Labs / CortexVortex
  ☆80Updated last year
• CymulateResearch / Blindside
  Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
  ☆130Updated 2 years ago
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆85Updated 2 years ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆105Updated 6 months ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆37Updated 10 months ago
• cybersectroll / TrollDump
  ☆82Updated last year
• NtDallas / OdinLdr
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆132Updated 8 months ago
• jsecu / ModTask
  ☆53Updated 2 weeks ago
• NUL0x4C / HookingLsassForCredentials
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆59Updated 4 months ago
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆157Updated last year
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆102Updated 2 years ago
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆87Updated 2 years ago
• MrAle98 / Sliver-CPPImplant2
  Sliver agent rewritten in C++
  ☆48Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆65Updated last year
• cybersectroll / TrollRPC
  ☆50Updated 2 months ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆131Updated last year
• tijme / nimplant-beacon-position-independent-c-code
  A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.
  ☆61Updated 7 months ago
• antroguy / GetAccessTokenWithSSOCookie
  ☆44Updated 4 months ago
• wolfcod / beacondbg
  Beacon Debugger
  ☆55Updated 11 months ago