SkillAgentSearch skills...

NimBlackout

Kill AV/EDR leveraging BYOVD attack

GenerateConvertImprove

Install / Use

/learn @Helixo32/NimBlackout
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

NimBlackout

Nim Version

Note: This project is for educational purposes only. The use of this code for any malicious activity is strictly prohibited. I am not responsible for any misuse of this software.

NimBlackout is an adaptation of the @Blackout project originally developed in C++ by @ZeroMemoryEx, which consists of removing AV/EDRs using the gmer (BYOVD) driver.

The main reason for this project was to understand how BYOVD attacks work, and then to provide a valid PoC developed in Nim.

All credit must goes to the original author @ZeroMemoryEx.

Usage

  • Compilation
    • Linux 
      nim --os:windows --cpu:amd64 --gcc.exe:x86_64-w64-mingw32-gcc --gcc.linkerexe:x86_64-w64-mingw32-gcc c NimBlackout.nim
    • Windows 
      nim c NimBlackout.nim
  • Put Blackout.sys driver into current directory
  • Launch NimBlackout (with admin privileges) 
    NimBlackout.exe <process name>

In order to prevent restarting process (like MsMpEng.exe), keep the program running.

Demo

Helixo32

View profile

View on GitHub
GitHub Stars397
CategoryDevelopment
Updated14d ago
Forks42
Helixo32/NimBlackout

Languages

Nim

Security Score

80/100

Audited on Mar 25, 2026

No findings