Skip to content

LongWayHomie/Invoke-Knockout

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Invoke-Knockout
Invoke-Knockout
 
 
Invoke-Knockout.png
Invoke-Knockout.png
 
 
Invoke-Knockout.sln
Invoke-Knockout.sln
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Invoke-Knockout

Just another DLL library built to knockout (bypass) AMSI (Antimalware Scan Interface) and ETW (Event Tracing for Windows) at the same time (so they don't bother you while you do evil things). Based on RastaMouse AmsiBypass and Brendan's Ortiz article on how to bypass AV and EDR.
I have added Powershell script you can use to load the DLL directly to the memory.

Invoke-Knockout

About

A DLL library built to bypass AMSI and ETW. Also can be used directly with PS script.

Resources

Readme

License

Unlicense license
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages