byovd

Kernel Driver Utility

🤖 Kill The Protected Process 🤖

BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).

yet another AV killer tool using BYOVD

Windows rootkit designed to work with BYOVD exploits

「💀」Proof of concept on BYOVD attack

Driver Reverse & Exploitation

DSE & PG bypass via BYOVD attack

PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.

「⚠️」Performing a BYOVD on the truesight.sys driver

BYOVD hunter to help prioritize windows drivers worth manual analysis

Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.

Some basic info, resources, and code snippets about windows kernel exploitation

📟 a tiny code that performs kernel-mode read/write using CVE-2023-38817.

Dump ntoskrnl.exe important offsets for building your navigation system in the Windows Kernel, using Radare2 and Rust

BYOVD IOCs (Based LOLDrivers)

🛠️ Master kernel memory operations with the BYOVD_read_write_primitive toolkit for educational use, enhancing your skills in secure system testing.

CVE-2022-22077 is a high-severity vulnerability (CVSS score 7.8) affecting the RTCore64.sys driver distributed with MSI Center

Backstab rewrite in nim, AV/EDR killer

#安全#Chân đả (working on it)