Jlaive Purgatory is an antivirus evasion tool that can convert executables into undetectable batch files. Obfuscated .NET assemblies are not guaranteed to work.
- .NET/Native (x64) support
- AES 256 /XOR encryption
- Compression
- Anti Debug
- Anti VM
- Melt file (self delete)
- Bind files
- AMSI bypass
- ETW bypass
- API unhooking
Demo video with AsyncRat vs Microsoft Defender: https://vimeo.com/717794371
Demo video with DCRAT vs Microsoft Defender: https://vimeo.com/717794371
Hidden
option does not work on Windows Terminal.- Not compatible with Python EXEs.
- Remove the use of
Add-Type
for decryption and decompression
C# RunPE: https://github.com/nettitude/RunPE
SharpUnhooker: https://github.com/GetRektBoy724/SharpUnhooker
This project was made for educational purposes only. I am not responsible if you choose to use this illegally/maliciously.