OP 13 February, 2023 - 09:50 PM
✔️JlaiveJlaive is an antivirus evasion tool that can convert executables into undetectable batch files. Obfuscated .NET assemblies are not guaranteed to work.
✔️Features
Demo video with DCRAT vs Microsoft Defender: https://www.youtube.com/watch?v=Rz90fPWWDy0
✔️Known issues
SharpUnhooker: https://github.com/GetRektBoy724/SharpUnhooker
✔️DisclaimerThis project was made for educational purposes only. I am not responsible if you choose to use this illegally/maliciously.
✔️Features
- .NET/Native (x64) support
- AES 256 /XOR encryption
- Compression
- Anti Debug
- Anti VM
- Melt file (self delete)
- Bind files
- AMSI bypass
- ETW bypass
- API unhooking
Demo video with DCRAT vs Microsoft Defender: https://www.youtube.com/watch?v=Rz90fPWWDy0
✔️Known issues
- option does not work on Windows Terminal.Code:
Hidden
- Not compatible with Python EXEs.
- Remove the use of for decryption and decompressionCode:
Add-Type
SharpUnhooker: https://github.com/GetRektBoy724/SharpUnhooker
✔️DisclaimerThis project was made for educational purposes only. I am not responsible if you choose to use this illegally/maliciously.