Alternatives and similar repositories for byovd-watchdog

Users that are interested in byovd-watchdog are comparing it to the libraries listed below

• redi-git / SCCM_SLAP

  View on GitHub
  Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…
  ☆18Aug 13, 2025Updated 6 months ago
• heartburn-dev / PKI-Escalate

  View on GitHub
  Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…
  ☆29Jul 25, 2023Updated 2 years ago
• racoten / CannonLoader

  View on GitHub
  Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
  ☆23Jul 11, 2025Updated 7 months ago
• Ocel0tSec / AzureDump

  View on GitHub
  Powershell Script to enumerate AzureAD and output good data
  ☆14Nov 8, 2023Updated 2 years ago
• rbmm / TL-TASK

  View on GitHub
  ☆19Sep 17, 2025Updated 4 months ago
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆78Aug 25, 2025Updated 5 months ago
• sabrinalupsan / pentesting-azure-ad

  View on GitHub
  A cheatsheet of commands used to pass the CARTP (Certified Azure Red Team Professional) exam.
  ☆21May 4, 2023Updated 2 years ago
• MazX0p / CobaltSentry

  View on GitHub
  ☆24Feb 18, 2025Updated 11 months ago
• dariaomelkina / MacOS_drivers_instruction

  View on GitHub
  Semester project for Operating Systems course at UCU.
  ☆29Jan 15, 2022Updated 4 years ago
• phith0n / sangebaimao_20151112

  View on GitHub
  2015.11.12 三个白帽一题的源码
  ☆18Nov 12, 2015Updated 10 years ago
• HullaBrian / COMmander

  View on GitHub
  .NET tool used to enrich RPC telemetry
  ☆101Jan 24, 2026Updated 3 weeks ago
• zodiacon / RemoteThreadDetection

  View on GitHub
  Remote Thread Detection with a Kernel Driver
  ☆34Jan 14, 2025Updated last year
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆135Apr 6, 2025Updated 10 months ago
• cybersectroll / TrollRPC

  View on GitHub
  ☆50Jul 9, 2025Updated 7 months ago
• crow821 / FakeFlash

  View on GitHub
  flash钓鱼 flash水坑攻击最新版源码
  ☆65Feb 10, 2023Updated 3 years ago
• kr0tt / EarlyExceptionHandling

  View on GitHub
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆136Aug 31, 2025Updated 5 months ago
• Kharos102 / interceptor

  View on GitHub
  Sample Rust Hooking Engine
  ☆36Apr 5, 2024Updated last year
• thejanit0r / x86_ldasm

  View on GitHub
  Lightweight x86-64 instruction length disassembler (LDE)
  ☆34Jun 17, 2023Updated 2 years ago
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆297Apr 18, 2025Updated 9 months ago
• The-Viper-One / Invoke-PassTheCert

  View on GitHub
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆59Apr 13, 2025Updated 10 months ago
• smokeme / asar-backdoor

  View on GitHub
  ☆33Mar 19, 2025Updated 10 months ago
• 0xRedpoll / WhatsAppKeyBOF

  View on GitHub
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆88Mar 2, 2025Updated 11 months ago
• Helixo32 / GetSystem-LCI

  View on GitHub
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆35Nov 24, 2024Updated last year
• krystianbajno / cveseeker

  View on GitHub
  💎 Vulnerability assessment and vulnerability intelligence tool searching for vulnerabilities and exploits using keywords across multiple…
  ☆36Nov 12, 2025Updated 3 months ago
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆84Jan 29, 2025Updated last year
• ryanq47 / CS-EXTC2-ICMP

  View on GitHub
  An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.
  ☆114Oct 6, 2025Updated 4 months ago
• antroguy / GetAccessTokenWithSSOCookie

  View on GitHub
  ☆50Jun 4, 2025Updated 8 months ago
• 0xflux / Hells-Hollow

  View on GitHub
  Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
  ☆214Aug 31, 2025Updated 5 months ago
• Kudaes / CustomEntryPoint

  View on GitHub
  Select any exported function in a dll as the new dll's entry point.
  ☆82Oct 25, 2024Updated last year
• amroes / FlexSheller

  View on GitHub
  ☆12Feb 4, 2025Updated last year
• MythicAgents / forge

  View on GitHub
  Command Augmentation support for BOFs and .NET assemblies across agents
  ☆39Jan 12, 2026Updated last month
• jaredcatkinson / MalwareMorphology

  View on GitHub
  ☆84Nov 21, 2024Updated last year
• whokilleddb / A-Study-in-Obfuscation

  View on GitHub
  A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
  ☆45Oct 27, 2022Updated 3 years ago
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆198Jun 17, 2025Updated 7 months ago
• Kudaes / MFTool

  View on GitHub
  Direct access to NTFS volumes
  ☆292Sep 9, 2025Updated 5 months ago
• BlackSnufkin / Invoke-DumpMDEConfig

  View on GitHub
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆153Jun 10, 2024Updated last year
• NightBloodZ / CVE-2025-4123

  View on GitHub
  Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSRF
  ☆54Jul 28, 2025Updated 6 months ago
• badsectorlabs / ludus_adaptix_c2

  View on GitHub
  An Ansible role that install the Adaptix C2 server and/or client on Debian based hosts
  ☆179May 28, 2025Updated 8 months ago
• T0ngF0ngnie / DInvokeFrp

  View on GitHub
  内存加载FRP
  ☆10Sep 11, 2023Updated 2 years ago