The delete-self-poc is a demonstration of a method to delete a locked executable or currently running file from disk. This concept was initially discovered by Jonas Lykkegaard, and I have created the proof of concept (POC) for it. Additionally, it can be used to delete locked files on disk, provided that the current calling process has the necessary permissions to access and delete them.

How does this work, though - in this POC?

- Open a HANDLE to the current running process with DELETE access. Note that only DELETE access is required.
- Use the SetFileInformationByHandle function to rename the primary file stream, :$DATA, to :wtfbbq.
- Close the HANDLE.
- Open a HANDLE to the current process and set the DeleteFile flag of the FileDispositionInfo class to TRUE.
- Close the HANDLE to trigger the file disposition.

Voila! The file is now gone.

Releases: I have included a statically linked release within this repository, if you can't be bothered compiling the original source code.
delete-self-poc is a demonstration of a method to delete a locked executable or currently running file from disk. It is a Security Operations solution designed to help security teams with Open Source, Red Team.
delete-self-poc is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/LloydLabs/delete-self-poc/ for download and installation instructions.
Popular alternatives to delete-self-poc include:
Compare all delete-self-poc alternatives at https://cybersectools.com/alternatives/delete-self-poc
delete-self-poc is for security teams and organizations that need Open Source, Red Team. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
PwnAuth is an open-source tool for generating and managing authentication tokens across multiple protocols, designed for penetration testing and red team exercises.
RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.