byovd

Kernel Driver Utility

• Updated
• C

BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).

• Updated
• Rust

🤖 Kill The Protected Process 🤖

• Updated
• Rust

yet another AV killer tool using BYOVD

• Updated
• Rust

KslDump — Why bring your own knife when Defender already left one in the kitchen?

• Updated
• Python

Windows rootkit designed to work with BYOVD exploits

• Updated
• C++

PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.

• Updated
• C++

「💀」Proof of concept on BYOVD attack

• Updated
• C++

BYOVD hunter to help prioritize windows drivers worth manual analysis

• Updated
• Rust

Driver Reverse & Exploitation

• Updated
• C

DSE & PG bypass via BYOVD attack

• Updated
• C++

PoC exploit for the vulnerable (eb.sys or UnknownKiller.sys) – weaponized to kill protected EDR/AV processes via BYOVD.

• Updated
• C

「」Performing a BYOVD on the truesight.sys driver

• Updated
• C++

Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.

• Updated
• C

vulnerable drivers for windows machines.

• Updated

📟 a tiny code that performs kernel-mode read/write using CVE-2023-38817.

• Updated
• C++

Some basic info, resources, and code snippets about windows kernel exploitation

• Updated
• Python

A BYOVD technique abuse tool

• Updated
• Rust

Dump ntoskrnl.exe important offsets for building your navigation system in the Windows Kernel, using Radare2 and Rust

• Updated
• Rust

A simple PoC demonstrating the vulnerability in the ThrottleStop.sys driver, showcasing arbitrary physical memory read and write capabilities, as well as virtual-to-physical address translation using Superfetch.

• Updated
• Rust