{"id":20086023,"url":"https://github.com/brosck/reaper","last_synced_at":"2025-04-04T21:07:55.117Z","repository":{"id":225347979,"uuid":"694438640","full_name":"brosck/Reaper","owner":"brosck","description":"「💀」Proof of concept on BYOVD attack","archived":false,"fork":false,"pushed_at":"2024-12-07T01:52:58.000Z","size":10805,"stargazers_count":155,"open_issues_count":0,"forks_count":34,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-03-28T20:07:28.747Z","etag":null,"topics":["byovd","development","hacking","malware","offensivesecurity","redteam","security","windows"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/brosck.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-21T02:09:48.000Z","updated_at":"2025-03-10T14:15:43.000Z","dependencies_parsed_at":"2025-02-27T12:23:41.005Z","dependency_job_id":"ccf32c8d-2391-413d-886d-8650bc479b2a","html_url":"https://github.com/brosck/Reaper","commit_stats":null,"previous_names":["mrempy/reaper","brosck/reaper"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brosck%2FReaper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brosck%2FReaper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brosck%2FReaper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brosck%2FReaper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitH
ub/owners/brosck","download_url":"https://codeload.github.com/brosck/Reaper/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247249525,"owners_count":20908212,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["byovd","development","hacking","malware","offensivesecurity","redteam","security","windows"],"created_at":"2024-11-13T15:59:59.892Z","updated_at":"2025-04-04T21:07:55.092Z","avatar_url":"https://github.com/brosck.png","language":"C++","funding_links":["https://www.buymeacoffee.com/mrempy"],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e「💀」 About Reaper\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"assets/image.png\" height=\"312\" width=\"312\"/\u003e\u003c/p\u003e\n\nReaper is a proof of concept that demonstrates a BYOVD (Bring Your Own Vulnerable Driver) attack. 
This malicious technique involves inserting a legitimate, vulnerable driver into a target system, which allows attackers to exploit the driver to perform malicious actions.\n\nReaper was specifically designed to exploit the vulnerability present in version 2.8.0.0 of the kprocesshacker.sys driver, taking advantage of its weaknesses to gain privileged access and control over the target system.\n\n**Note:** Reaper does not kill the Windows Defender process, because that process is protected. Reaper is a simple proof of concept.\n\n## Features\n\n* Kill process\n* Suspend process\n\n## Help\n\n```\n      ____\n     / __ \\___  ____ _____  ___  _____\n    / /_/ / _ \\/ __ `/ __ \\/ _ \\/ ___/\n   / _, _/  __/ /_/ / /_/ /  __/ /\n  /_/ |_|\\___/\\__,_/ .___/\\___/_/\n                  /_/\n\n          [Coded by Brosck]\n               [v1.0]\n\nUsage: C:\\Windows\\Temp\\Reaper.exe [OPTIONS] [VALUES]\n    Options:\n      sp,                   suspend process\n      kp,                   kill process\n\n    Values:\n      PROCESSID             process id to suspend/kill\n\n    Examples:\n      Reaper.exe sp 1337\n      Reaper.exe kp 1337\n```\n\n## Demonstration\n\n![](assets/poc.png)\n\n## Install\n\nYou can compile it directly from the source code or [download it already compiled](https://github.com/brosck/Reaper/releases/). 
You will need Visual Studio 2022 to compile.\n\n**Note:** The executable and driver must be in the same directory.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrosck%2Freaper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrosck%2Freaper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrosck%2Freaper/lists"}