Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
☆38May 21, 2026Updated 3 weeks ago
Alternatives and similar repositories for byovd-watchdog
Users that are interested in byovd-watchdog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆24Jul 11, 2025Updated 11 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 9 months ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆29Jul 25, 2023Updated 2 years ago
- ☆19Sep 17, 2025Updated 9 months ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 10 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆27Dec 29, 2021Updated 4 years ago
- ☆25Feb 18, 2025Updated last year
- ☆13Oct 10, 2018Updated 7 years ago
- Process Injection using Thread Name☆308Apr 18, 2025Updated last year
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 3 years ago
- Powershell Script to enumerate AzureAD and output good data☆14Nov 8, 2023Updated 2 years ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- Sample Rust Hooking Engine☆34Apr 5, 2024Updated 2 years ago
- ☆50Jul 9, 2025Updated 11 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Proof Of Concepts☆56Jan 4, 2026Updated 5 months ago
- Remote Thread Detection with a Kernel Driver☆35Jan 14, 2025Updated last year
- ☆10Dec 28, 2023Updated 2 years ago
- Lightweight x86-64 instruction length disassembler (LDE)☆35Jun 17, 2023Updated 3 years ago
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 10 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆138Aug 31, 2025Updated 9 months ago
- System Call Integrity Layer - experimental security research☆27Apr 14, 2026Updated 2 months ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated last year
- .NET tool used to enrich RPC telemetry☆102Jan 24, 2026Updated 4 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆28Jun 2, 2024Updated 2 years ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆144Apr 6, 2025Updated last year
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated 4 months ago
- ☆17Apr 10, 2025Updated last year
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 7 months ago
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated last year
- GreenLambert macOS IDA plugin to deobfuscate strings☆14Oct 4, 2021Updated 4 years ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 5 months ago
- DSE & PG bypass via BYOVD attack☆81Jul 12, 2025Updated 11 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Misery Loader to bypass modern EDR solutions☆19Dec 20, 2024Updated last year
- Dumping processes using a kernel-mode driver.☆20Nov 10, 2021Updated 4 years ago
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock(利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能)☆129Sep 9, 2022Updated 3 years ago
- Mythic C2 Agent written in x64 PIC C☆85Jan 29, 2025Updated last year
- ☆34Mar 19, 2025Updated last year
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆232Aug 31, 2025Updated 9 months ago
- DWM hooking-based screenshot tool☆35Sep 13, 2025Updated 9 months ago