etw-bypass

Multilayered AV/EDR Evasion Framework

NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support

Two in one, patch lifetime powershell console, no more etw and amsi!

Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.

A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal builder.

Event Tracing for Windows EDR bypass in Rust (usermode)

code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).

Loads a C# binary in memory within powershell profile, patching AMSI + ETW.

Remove ETW providers from session &ETW session hijack

#IOS#Nyx is a lightweight scripting language that prioritizes simplicity and ease of use. 🌟 With Nyx, you can quickly run scripts and explore creative coding possibilities. 🐙