14 skills found
optiv / Freeze.rs: Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes and direct syscalls, written in Rust.
0xflux / Sanctum: Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques above and beyond the capabilities of antivirus. Built in Rust.
xM0kht4r / VEN0m Ransomware: Fully undetectable and evasive ransomware written in Rust, leveraging a BYOVD (bring your own vulnerable driver) technique to disable AV/EDR solutions on the infected systems.
Karib0u / Rustinel: Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts.
0xflux / Rust Hells Gate: Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust.
thiagopeixoto / Massayo: Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL.
0xflux / ETW Bypass Rust: Event Tracing for Windows (ETW) EDR bypass in Rust (user mode).
melotic / Nanostorm: A work-in-progress EDR evasion tool for x64 Windows and Linux binaries that utilizes Nanomites, written in Rust.
JayGLXR / RustySpy: A Windows UI monitoring and DNS exfiltration tool written in Rust, combining UI event capture with encrypted data exfiltration and EDR suppression features.
Nariod / Ronflex: Attempts to suspend all known AV/EDR processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pentesters. Written in Rust.
0xflux / Rust APC Queue Injection: APC queue injection EDR evasion in Rust.
Teach2Breach / Rust Pyramid: Rust project that leverages the signed embeddable Python package to evade EDR.
RajKumarSingh065 / Polymorphic Malware: A modular Rust engine simulating polymorphic malware with runtime AES-encrypted shellcode loading, sleep obfuscation, and EDR evasion. Features a mutation engine, Windows API execution flow, and a native eframe GUI for controlled payload emulation.
zwsyscall / Syscall Winapi Rust: A demo of how to use direct syscalls in Rust to avoid user-mode EDR hooks.