无Windows API的新型恶意程序:自缺陷程序利用堆栈溢出的隐匿稳定攻击技术研究,A new type of malicious program without Windows API
☆88Mar 27, 2025Updated 11 months ago
Alternatives and similar repositories for Self-Defective-Program
Users that are interested in Self-Defective-Program are comparing it to the libraries listed below
Sorting:
- 添加计划任务方法集合☆309Aug 6, 2023Updated 2 years ago
- 重构Beacon☆165Aug 19, 2024Updated last year
- 使用Visral Studio开发ShellCode☆234Oct 11, 2023Updated 2 years ago
- golang 实现的windows and linux 端口复用工具。☆309Jan 30, 2024Updated 2 years ago
- 免杀与恶意软件开发☆245Jan 4, 2026Updated last month
- 一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.☆561May 30, 2025Updated 9 months ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- golang实现通过dcerpc和ntlmssp获取Windows远程主机信息☆28Apr 16, 2024Updated last year
- 主要用于隐藏进程真实路径,进程带windows真签名☆119Oct 15, 2024Updated last year
- 一键提取exe的图标、嵌入图标、资源信息、版本信息、修改时间、数字签名,降低程序熵值☆431Dec 17, 2024Updated last year
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,290Jun 21, 2024Updated last year
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆139Dec 26, 2023Updated 2 years ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆161Oct 27, 2024Updated last year
- 寻找可利用的白文件☆556Aug 18, 2025Updated 6 months ago
- 通杀检测基于白文件patch黑代码的免杀技术的后门☆181Aug 3, 2024Updated last year
- 32 bit process inject shellcode to 32 bit process and 64 bit process☆35May 8, 2023Updated 2 years ago
- 本项目是一个远程控制应用,使用 Golang 开发,允许用户通过 Web 界面远程控制和屏幕监控其他计算机。主要功能包括屏幕共享、鼠标和键盘控制以及键盘记录。☆456Jan 30, 2026Updated last month
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆14Dec 30, 2023Updated 2 years ago
- 自定义函数堆栈,从而绕过ETW检测,这个是完整版。☆13Apr 15, 2024Updated last year
- 自动化找白文件,用于扫描 EXE 文件的导入表,列出导入的DLL文件,并筛选出非系统DLL,符合条件的文件将被复制到特定的 X64 或 X86 文件夹☆563Dec 14, 2025Updated 2 months ago
- An HTTP client specifically developed for security researchers☆28Dec 8, 2025Updated 2 months ago
- Multilingual backdoor☆66May 9, 2024Updated last year
- ebpf WebShell/内核马,一种新型内核马/WebShell技术☆350Jan 8, 2024Updated 2 years ago
- 针对PE文件的分离的攻防对抗工具,红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and…☆287Aug 20, 2024Updated last year
- 一个demo☆23Apr 2, 2024Updated last year
- A socksv5 proxy tool Written by CLang. 一款纯C实现的轻量内网穿透工具,支持正向,反向socks5代理隧道的搭建,支持跨平台使用。☆466Mar 2, 2025Updated 11 months ago
- 收集云沙箱上线C2的ip,如微X、奇XX、3X0、virustX等☆125Oct 23, 2023Updated 2 years ago
- EDR绕过demo☆294Jan 14, 2024Updated 2 years ago
- OrcaC2是一款基于Websocket加密通信的多功能C&C框架,使用Golang实现。☆676Dec 30, 2022Updated 3 years ago
- Rust 重构的 sRDI☆17Sep 9, 2024Updated last year
- No One(无名):Next Generation Polyglot Website Manager☆73Updated this week
- Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode☆201May 28, 2024Updated last year
- Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 基于 ANTLR 实现语法分析和完整的 XRAY YAML 规则实现 | 简单…☆182Jul 10, 2025Updated 7 months ago
- WeblogicScan一键检测☆128May 6, 2024Updated last year
- Beacon compiled using clang☆72Jan 22, 2023Updated 3 years ago
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆451Mar 11, 2024Updated last year
- ☆13Oct 27, 2023Updated 2 years ago
- CobaltStrike beacon written in golang☆458Oct 13, 2023Updated 2 years ago
- 关于RPC一些绕EDR的tips☆198Mar 3, 2023Updated 2 years ago