Self_Deletion_BOF
Process killer
BOF implementation of a research concept allowing for controlled deletion of processes
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
171 stars
2 watching
23 forks
Language: C
last commit: about 3 years ago Related projects:
Repository | Description | Stars |
---|---|---|
espressocake/ppldump_bof | A tool for dumping the memory contents of a protected process on Windows | 136 |
espressocake/process_protection_level_bof | A tool that helps operators determine the protection level of a process before attempting to access its memory | 51 |
espressocake/defender_exclusions-bof | Tools to determine Windows Defender exclusions | 241 |
espressocake/dll-hijack-search-order-bof | A tool to enumerate the search order of DLL resolution and potentially gain information about a file's mutability. | 141 |
espressocake/firewall_walker_bof | An exploit technique allowing interaction with Windows software firewall via COM interfaces. | 100 |
espressocake/toggle_token_privileges_bof | A tool to add or remove specific privilege rights from the token of the current process | 52 |
espressocake/needle_sift_bof | A tool for searching for specific strings within files using a needle-sift algorithm | 30 |
seventeenman/selfdel-bof | Deletes files regardless of handle occupation to bypass system restrictions | 40 |
espressocake/dll_imports_bof | An enumeration tool to inspect PE files and extract information about loaded DLLs and their imported functions | 83 |
klezvirus/sharpselfdelete | Implementation of a Windows exploitation technique using P/Invoke to delete processes from memory | 147 |
like0x/adddefenderexclusions-bof | A tool to add exclusions to a security system's defender to prevent false positives or unwanted alerts | 32 |
lloydlabs/delete-self-poc | A tool to delete locked or running files from disk by manipulating the current process's handle and file disposition | 505 |
outflanknl/findobjects-bof | An exploit tool that uses direct system calls to enumerate processes based on specific loaded modules or process handles | 266 |
octoberfest7/killdefender_bof | A tool that allows an attacker to elevate privileges and gain control over the Windows Defender service | 62 |
heppu/gkill | An interactive process killer tool for Linux and macOS that allows users to filter and kill processes using keyboard navigation. | 316 |