Giters

BlackSnufkin / GhostDriver

yet another AV killer tool using BYOVD

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

av-killerbyovdevasionredteamrust

GhostDriver đź‘»

About

GhostDriver is a Rust-built AV killer tool using BYOVD.

Get Started

  1. Install Rust from rust-lang.org
  2. Clone: git clone https://github.com/BlackSnufkin/GhostDriver.git
  3. Build: cargo build --release --target=x86_64-pc-windows-msvc
  4. Run: Execute the GhostDriver binary

Usage:

GhostDriver.exe 2.0
BlackSnufkin
Kills processes by name using a Ghost Driver

USAGE:
    GhostDriver.exe [FLAGS] [OPTIONS]

FLAGS:
    -h, --help       Prints help information
    -v, --version    Prints version information

OPTIONS:
    -n, --name=process_names

EXAMPLES:
        .\GhostDriver.exe -n msmpeng.exe,svchost.exe
        .\GhostDriver.exe --name msmpeng.exe
        .\GhostDriver.exe (uses default processes)
  • Change line 3307 for the defualt Process names
// Define default process names
let default_process_names = vec!["msmpeng.exe"];

POC

gd2

Reference

About

yet another AV killer tool using BYOVD

av-killerbyovdevasionredteamrust

License:GNU General Public License v3.0

Languages

Language:Rust 100.0%