Multilayered AV/EDR Evasion Framework
-
Updated
Sep 3, 2024 - C++
Multilayered AV/EDR Evasion Framework
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
Two in one, patch lifetime powershell console, no more etw and amsi!
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.
Event Tracing for Windows EDR bypass in Rust
code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).
Loads a C# binary in memory within powershell profile, patching AMSI + ETW.
Add a description, image, and links to the etw-bypass topic page so that developers can more easily learn about it.
To associate your repository with the etw-bypass topic, visit your repo's landing page and select "manage topics."