Exploitation Tools

NyxInvoke – A Comprehensive Guide To Advanced Execution Techniques In Rust

NyxInvoke is a versatile Rust-based tool designed for executing .NET assemblies, PowerShell commands/scripts, and Beacon Object Files (BOFs) with built-in patchless AMSI and ETW bypass capabilities.

It can be compiled as either a standalone executable or a DLL.

Features

  • Execute .NET assemblies
  • Run PowerShell commands or scripts
  • Load and execute Beacon Object Files (BOFs)
  • Built-in patchless AMSI (Anti-Malware Scan Interface) bypass
  • Built-in patchless ETW (Event Tracing for Windows) bypass
  • Support for encrypted payloads with AES decryption
  • Flexible input options: local files, URLs, or compiled-in data
  • Dual-build support: can be compiled as an executable or a DLL

Building

NyxInvoke can be built as either an executable or a DLL. Use the following commands:

Executable

cargo +nightly build --release --target=x86_64-pc-windows-msvc --features exe --bin NyxInvoke

DLL

cargo +nightly build --release --target=x86_64-pc-windows-msvc --features dll --lib

To include compiled-in CLR or BOF data, add the respective features:

cargo +nightly build --release --target=x86_64-pc-windows-msvc --features=exe,compiled_clr,compiled_bof --bin NyxInvoke

or

cargo +nightly build --release --target=x86_64-pc-windows-msvc --features=dll,compiled_clr,compiled_bof --lib

Usage

Executable Mode

The executable supports three main modes of operation:

  1. CLR Mode (.NET assembly execution)
  2. PowerShell Mode
  3. BOF Mode (Beacon Object File execution)

General Syntax

NyxInvoke.exe <mode> [OPTIONS]

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 hours ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

24 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

1 day ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

1 day ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

1 day ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

1 day ago