Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
☆36May 5, 2026Updated this week
Alternatives and similar repositories for byovd-watchdog
Users that are interested in byovd-watchdog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆24Jul 11, 2025Updated 9 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 8 months ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆29Jul 25, 2023Updated 2 years ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 8 months ago
- ☆27Dec 29, 2021Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆25Feb 18, 2025Updated last year
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 3 years ago
- Powershell Script to enumerate AzureAD and output good data☆14Nov 8, 2023Updated 2 years ago
- Sample Rust Hooking Engine☆34Apr 5, 2024Updated 2 years ago
- ☆50Jul 9, 2025Updated 9 months ago
- Remote Thread Detection with a Kernel Driver☆35Jan 14, 2025Updated last year
- Lightweight x86-64 instruction length disassembler (LDE)☆35Jun 17, 2023Updated 2 years ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 8 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆140Aug 31, 2025Updated 8 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- System Call Integrity Layer - experimental security research☆26Apr 14, 2026Updated 3 weeks ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated 11 months ago
- .NET tool used to enrich RPC telemetry☆102Jan 24, 2026Updated 3 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆144Apr 6, 2025Updated last year
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated 3 months ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆134Updated this week
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 6 months ago
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated last year
- GreenLambert macOS IDA plugin to deobfuscate strings☆14Oct 4, 2021Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Process Injection using Thread Name☆311Apr 18, 2025Updated last year
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 3 months ago
- Mythic C2 Agent written in x64 PIC C☆87Jan 29, 2025Updated last year
- ☆34Mar 19, 2025Updated last year
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆226Aug 31, 2025Updated 8 months ago
- Tools and scripts to deploy and manage OpenRelik instances☆16Mar 23, 2026Updated last month
- A port of classic netcat to C#☆34Jan 21, 2023Updated 3 years ago
- DeadManSwitch in rust with several triggers (remote local and network)☆17Nov 19, 2025Updated 5 months ago
- Select any exported function in a dll as the new dll's entry point.☆82Oct 25, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- flash钓鱼 flash水坑攻击最新版源码☆65Feb 10, 2023Updated 3 years ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆203Jun 17, 2025Updated 10 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆21Dec 3, 2024Updated last year
- A cheatsheet of commands used to pass the CARTP (Certified Azure Red Team Professional) exam.☆24May 4, 2023Updated 3 years ago
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆120Oct 6, 2025Updated 7 months ago
- fork 自 https://gitlab.com/eshard/d810 添加了参考文章、测试样本,作为备份。☆16Nov 18, 2021Updated 4 years ago
- Direct access to NTFS volumes☆295Sep 9, 2025Updated 8 months ago