BlackSnufkin / NyxInvokeLinks
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
☆223Updated 6 months ago
Alternatives and similar repositories for NyxInvoke
Users that are interested in NyxInvoke are comparing it to the libraries listed below
Sorting:
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆187Updated 6 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 8 months ago
- Port of Cobalt Strike's Process Inject Kit☆184Updated 8 months ago
- Sleep obfuscation☆231Updated 8 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆252Updated 4 months ago
- Some Rust program I wrote while learning Malware Development☆140Updated 6 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆171Updated 4 months ago
- Stage 0☆163Updated 8 months ago
- DLL proxying for lazy people☆181Updated last month
- A Mythic agent for Windows written in C☆132Updated last month
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆174Updated 5 months ago
- Ghosting-AMSI☆211Updated 4 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆143Updated 4 months ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆253Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆111Updated last month
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆162Updated last year
- Code execution/injection technique using DLL PEB module structure manipulation☆161Updated 2 months ago
- BOF with Synthetic Stackframe☆164Updated 6 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆168Updated 4 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆116Updated 8 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆270Updated 11 months ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆153Updated 9 months ago
- Bypass LSA protection using the BYODLL technique☆168Updated 11 months ago
- ☆130Updated 5 months ago
- Lateral Movement Using DCOM and DLL Hijacking☆304Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post☆229Updated 9 months ago
- ☆124Updated 11 months ago
- Shaco is a linux agent for havoc☆165Updated last year
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆139Updated 3 weeks ago
- Shellcode loader that executes embedded Lua from Rust.☆122Updated 8 months ago