Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
☆34Apr 14, 2026Updated this week
Alternatives and similar repositories for byovd-watchdog
Users that are interested in byovd-watchdog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated 9 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 7 months ago
- ☆19Sep 17, 2025Updated 7 months ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 8 months ago
- ☆26Dec 29, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆24Feb 18, 2025Updated last year
- ☆13Oct 10, 2018Updated 7 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- Powershell Script to enumerate AzureAD and output good data☆14Nov 8, 2023Updated 2 years ago
- Remote Thread Detection with a Kernel Driver☆33Jan 14, 2025Updated last year
- Sample Rust Hooking Engine☆33Apr 5, 2024Updated 2 years ago
- ☆50Jul 9, 2025Updated 9 months ago
- Proof Of Concepts☆56Jan 4, 2026Updated 3 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Lightweight x86-64 instruction length disassembler (LDE)☆35Jun 17, 2023Updated 2 years ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 8 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆138Aug 31, 2025Updated 7 months ago
- System Call Integrity Layer - experimental security research☆25Updated this week
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated 11 months ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated 2 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆141Apr 6, 2025Updated last year
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated 2 months ago
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 5 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated last year
- GreenLambert macOS IDA plugin to deobfuscate strings☆14Oct 4, 2021Updated 4 years ago
- Process Injection using Thread Name☆307Apr 18, 2025Updated last year
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 3 months ago
- Mythic C2 Agent written in x64 PIC C☆87Jan 29, 2025Updated last year
- ☆34Mar 19, 2025Updated last year
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆226Aug 31, 2025Updated 7 months ago
- Share Information about Microsoft Security Products☆64Updated this week
- Tools and scripts to deploy and manage OpenRelik instances☆16Mar 23, 2026Updated 3 weeks ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- DeadManSwitch in rust with several triggers (remote local and network)☆17Nov 19, 2025Updated 4 months ago
- Select any exported function in a dll as the new dll's entry point.☆82Oct 25, 2024Updated last year
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆21Dec 3, 2024Updated last year
- flash钓鱼 flash水坑攻击最新版源码☆65Feb 10, 2023Updated 3 years ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆202Jun 17, 2025Updated 10 months ago
- A cheatsheet of commands used to pass the CARTP (Certified Azure Red Team Professional) exam.☆24May 4, 2023Updated 2 years ago
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆120Oct 6, 2025Updated 6 months ago