BlackSnufkin / NyxInvoke
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
☆184Updated last week
Alternatives and similar repositories for NyxInvoke:
Users that are interested in NyxInvoke are comparing it to the libraries listed below
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆172Updated 2 months ago
- Port of Cobalt Strike's Process Inject Kit☆165Updated 2 months ago
- ☆139Updated 6 months ago
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆155Updated last month
- Leverage WindowsApp createdump tool to obtain an lsass dump☆145Updated 5 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆343Updated 2 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆278Updated 3 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆193Updated 8 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆185Updated 4 months ago
- Stage 0☆153Updated 2 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆216Updated 2 months ago
- Lateral Movement Using DCOM and DLL Hijacking☆283Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆193Updated 5 months ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆173Updated 11 months ago
- Just another C2 Redirector using CloudFlare.☆86Updated 9 months ago
- ☆120Updated last year
- ☆164Updated 3 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆180Updated last year
- Sleep obfuscation☆208Updated 2 months ago
- Extracting NetNTLM without touching lsass.exe☆233Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆208Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆313Updated last year
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆133Updated 3 months ago
- A Mythic Agent written in PIC C.☆171Updated 2 weeks ago
- My implementation of the GIUDA project in C++☆167Updated last year
- ☆122Updated 5 months ago
- Some Rust program I wrote while learning Malware Development☆123Updated 2 weeks ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆117Updated 4 months ago
- Bypass LSA protection using the BYODLL technique☆154Updated 4 months ago