Features

A comprehensive list of EvadeX's features. If you have additional questions about what's listed below, don't hesitate to reach out.

Evasion techniques

Compile-Time API Hashing

Novel Memory Scan Evasion (Caro Kann Execution)

AMSI Patching

ETW Patching

AES-256 Shellcode Encryption

Base32 Shellcode Encoding

Anti-AV Signature Technology

Payload Entropy Reduction

API Hammering

Randomized Polymorphism

Advanced Unlinking of EDR/AV Modules

Anti-debug Capability

Anti-Virtual Machine and Sandbox Capability

Drip Allocation

PPID Spoofing

Coming soon

Shellcode Staging

Coming soon

Obfuscation Customizations

File Bloating

Code Signing

Certificate Stealing

Executable Metadata (Icon, Filename, Copyright, etc.)

Binary Creation and Kill Date

Execution Delay

Product Support and Infrastructure

First-Class API Integration

Online Payload Creation (No AV/EDR exclusion needed)

Direct Line of Communication with Dev Team

Custom Payload Support

Large Payload Support

Built-in Payload Library (Execute Cmd, Add User, etc.)

Predefined EDR Evasion Templates

Coming soon

Executable Customizations

Standard Output Packing Formats (zip, 7zip, img)

DLL Function Name

Domain and hostname wildcard constraints

Watermarking

XLL & SFX Output Formats

DLL Proxying

Coming soon

ClickOnce Application Output Format

Coming soon