umpolungfish / byvalverView external linksLinks
takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities
☆57Updated this week
Alternatives and similar repositories for byvalver
Users that are interested in byvalver are comparing it to the libraries listed below
Sorting:
- A self-hosted, real-time collaborative workspace for offensive security assessments.☆36Jan 27, 2026Updated 2 weeks ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆119Dec 23, 2025Updated last month
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 4 months ago
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- Phantom Keylogger is an advanced, stealth-enabled keystroke and visual intelligence gathering system.☆74Dec 10, 2025Updated 2 months ago
- Chisel new generation, written in rust. SSH under WSS with some customization.☆125Jan 24, 2026Updated 3 weeks ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆120Sep 8, 2024Updated last year
- A cross-platform C++ framework for building Windows shellcode☆81Updated this week
- A custom SentinelOne USB scanner.☆18Mar 26, 2022Updated 3 years ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆36Dec 12, 2025Updated 2 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 7 months ago
- Try to transport the tcpip stack of ReactOS to Windows XP.☆17Feb 27, 2014Updated 11 years ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Dec 17, 2025Updated last month
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆51May 16, 2025Updated 8 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆136Aug 31, 2025Updated 5 months ago
- Low-level MS Windows registry files analysis tools☆19May 5, 2016Updated 9 years ago
- Finding Truth in the Shadows☆120Jan 26, 2023Updated 3 years ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆19Apr 4, 2023Updated 2 years ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆97Oct 18, 2025Updated 3 months ago
- ☆26Mar 6, 2025Updated 11 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆48Nov 2, 2025Updated 3 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆137Apr 12, 2024Updated last year
- ☆53Mar 26, 2025Updated 10 months ago
- GenZ Shellcode Generator to execute commands with winExec API☆22Apr 27, 2025Updated 9 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆63Jan 19, 2026Updated 3 weeks ago
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated 10 months ago
- Specialized tool to dump Position Independent Code.☆22Aug 4, 2020Updated 5 years ago
- Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more.☆68Jan 27, 2026Updated 2 weeks ago
- x64 Registration-Free In-Process COM Automation Server.☆51Nov 28, 2022Updated 3 years ago
- A single header library for simply creating statically allocated state machines.☆27Feb 19, 2025Updated 11 months ago
- Guide on using the PPPwnGo GUI tool☆11Sep 26, 2024Updated last year
- kASLR bypass technique on Intel CPUs.☆32May 18, 2025Updated 8 months ago
- ☆27Oct 15, 2025Updated 4 months ago
- ☆163Jun 12, 2025Updated 8 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆28Jun 2, 2024Updated last year
- Test bench lab for Shellcode Obfuscation☆34Sep 2, 2025Updated 5 months ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆27Sep 12, 2024Updated last year
- User-mode implementation of HTTP.SYS. Implements HTTP 1.1 of the "HTTP Server API 2.0" for web servers☆44Feb 17, 2025Updated 11 months ago