by byt3bl33d3r 1232 days ago
Author of the OffensiveNim repo here.

This is a problem that's existed since the creation of the AV/EDR industry and is not going away as vendors have 0 motivation to address it. All programming languages have had to deal with this issue; this is definitely not targeted towards the Nim language.

- If you're a Nim developer trying to deploy a production app in a Windows environment: get a code signing cert and slap it on your application (signing the compiler won't help).

- If you're trying to develop a Nim app in an organization that has an EDR/AV deployed: you're going to have to talk with your friendly neighborhood security folks and work with them to whitelist the Nim compiler, tooling and folders where you work with Nim code.

You'll still be subjected to the EDR/AV's WinAPI hooking and behavioral heuristics even with the code signing cert, and sometimes even after whitelisting depending on the product, so you still might get issues where the AV/EDR is affecting your application, but at least it won't straight up quarantine it and go ape shit.

EDIT: just to be clear, the root cause of this is the AV/EDR industry not doing due diligence. Unfortunately, I'm very skeptical of them doing anything about this as their entire business model revolves around "cast a wide net in the attempt to catch as many things as possible".