AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)
☆274Jan 21, 2026Updated 3 months ago
Alternatives and similar repositories for AV-EDR-Killer
Users that are interested in AV-EDR-Killer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Just another EDR killer☆137Jan 21, 2026Updated 3 months ago
- PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin☆123Jan 4, 2026Updated 3 months ago
- Malicious PixelCode is a security research project that demonstrates a covert technique for encoding executable files into pixel data and…☆165Feb 2, 2026Updated 2 months ago
- ☆54May 31, 2025Updated 11 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 6 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Argus-Sliver 是首个基于 Web 端的 Sliver C2 二次开发平台。它利用 Vue3 + FastAPI + sliver-py 构建,旨在为安全研究人员提供一个直觉化、全功能的图形化渗透指挥中心☆56Jan 20, 2026Updated 3 months ago
- C2 writen in Rust & Go powered by Tor network.☆155Oct 30, 2025Updated 6 months ago
- Enumerate active EDR's on the system☆154Sep 23, 2025Updated 7 months ago
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and …☆57Updated this week
- A lightweight Windows Prefetch file parser to extract programs' execution history☆69Jan 12, 2026Updated 3 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- ☆50Nov 26, 2025Updated 5 months ago
- A practical client for ADWS in Golang.☆51Mar 3, 2026Updated last month
- Updated version of a long known self deletion technique to work with 24H2.☆62Jun 9, 2025Updated 10 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated last year
- Fully undetectable and evasive ransomware written in Rust, leveraging a BYOVD technique to disable AV/EDR solutions on the infected syste…☆345Feb 24, 2026Updated 2 months ago
- A cross-platform, collaborative C2 for red-teaming. Agents are cross-compilable (e.g, you can generate Windows DLLs on Linux), cross-comp…☆24Mar 7, 2025Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 3 years ago
- IronPE is a Windows PE manual loader written in Rust for both x86 and x64 PE files.☆118Mar 10, 2026Updated last month
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 4 months ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆31Jan 21, 2024Updated 2 years ago
- Execute shellcode via ASPNET compiler☆61Oct 2, 2025Updated 6 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆220Dec 17, 2025Updated 4 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆65Apr 2, 2025Updated last year
- A self-hosted, real-time collaborative workspace for offensive security assessments.☆41Feb 20, 2026Updated 2 months ago
- Network Fuzzing Framework☆64Jan 17, 2026Updated 3 months ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆102Jan 10, 2026Updated 3 months ago
- Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integrati…☆56Apr 23, 2026Updated last week
- Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…☆352Feb 2, 2026Updated 3 months ago
- PowerShell SharePoint extraction + auditing tool for red/blue/purple teams. Enumerates all SharePoint sites/drives a user can access via …☆155Jan 25, 2026Updated 3 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆25Mar 7, 2023Updated 3 years ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆440Jun 27, 2025Updated 10 months ago
- BOF template with boflink and mutator kit support☆50Jan 8, 2026Updated 3 months ago
- bof-launcher - a library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Read…☆310Updated this week
- Local Privilege Escalation Affecting Millions of Gaming Laptops☆63Jan 19, 2026Updated 3 months ago
- Fairy Law - Compromise or disable EDR security solutions☆71Dec 1, 2025Updated 5 months ago
- Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.☆213Jan 6, 2026Updated 3 months ago