Repository profile
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
Repository updates
Get generated gmh5225/mhydeath development summaries by email, or follow the weekly and monthly RSS feeds.
Sign in to subscribe by email. RSS feeds are public.
Sign in to subscribeTracked growth, recent movement, and commit velocity from stored repository snapshots.
Latest capture 2026-06-24 13:44
1 capture since 2026-06-24
Stars from baseline 0
All tracked data
Frameworks, package managers, ecosystems, and dependency manifests found during catalog scans.
Scanned 2026-06-24 13:44
mhydeath.sln
dotnet ecosystem,
0 dependencies
Searchable topics, generated tags, and stack labels that explain where this repository fits.
Agent instructions and tool configuration paths found in the repository tree.
Nearest indexed repositories by embedding similarity.
PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.
A lib that allows using mhyprot2 driver for enum process modules, r/w process memory and kill process.
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
It's pointy and it hurts!
Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
Me fockin' pe protector
