huoji120 / white_patch_detectView external linksLinks
通杀检测基于白文件patch黑代码的免杀技术的后门
☆181Aug 3, 2024Updated last year
Alternatives and similar repositories for white_patch_detect
Users that are interested in white_patch_detect are comparing it to the libraries listed below
Sorting:
- 一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.☆557May 30, 2025Updated 8 months ago
- 重构Beacon☆164Aug 19, 2024Updated last year
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆161Oct 27, 2024Updated last year
- 使用Visral Studio开发ShellCode☆234Oct 11, 2023Updated 2 years ago
- 针对PE文件的分离的攻防对抗工具,红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and…☆287Aug 20, 2024Updated last year
- 一款基于PE Patch技术的后渗透免杀工具,主要支持x64☆354Mar 5, 2025Updated 11 months ago
- 寻找可利用的白文件☆556Aug 18, 2025Updated 5 months ago
- shellcode生成框架☆89Jul 11, 2024Updated last year
- Binary Hollowing☆94Sep 10, 2024Updated last year
- Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode☆201May 28, 2024Updated last year
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆450Mar 11, 2024Updated last year
- 自动化找白文件,用于扫描 EXE 文件的导入表,列出导入的DLL文件,并筛选出非系统DLL,符合条件的文件将被复制到特定的 X64 或 X86 文件夹☆563Dec 14, 2025Updated last month
- 主要用于隐藏进程真实路径,进程带windows真签名☆119Oct 15, 2024Updated last year
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,289Jun 21, 2024Updated last year
- 将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密☆367Sep 8, 2022Updated 3 years ago
- 基于个人习惯使用C/C++的shellcode开发项目模板☆50Aug 20, 2024Updated last year
- more conveniently Visual-Studio-BOF-template☆75Sep 12, 2023Updated 2 years ago
- 哥斯拉webshell管理工具二次开发规避流量检测设备☆1,043Dec 2, 2025Updated 2 months ago
- 入侵痕迹清理/Cleaning up traces of intrusion☆241Nov 6, 2024Updated last year
- 助力每一位RT队员,快速生成免杀木马☆828Apr 17, 2024Updated last year
- Syscall免杀☆511Jun 21, 2024Updated last year
- Pillager是一个适用于后渗透期间的信息收集工具☆1,266Sep 7, 2024Updated last year
- C2-下一代RAT☆490Aug 10, 2024Updated last year
- 一键提取exe的图标、嵌入图标、资源信息、版本信息、修改时间、数字签名,降低程序熵值☆432Dec 17, 2024Updated last year
- Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具☆552Apr 15, 2025Updated 9 months ago
- 渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理☆1,383Feb 28, 2025Updated 11 months ago
- beta☆120Sep 24, 2024Updated last year
- 免杀知识库 | 开源免杀木马效果测试 360 火绒 卡巴斯基 Microsoft Defender | 免杀工具汇总☆342Jun 26, 2025Updated 7 months ago
- 一键修改exe、dll的编译时间、创建时间、修改时间和访问时间☆197Apr 16, 2023Updated 2 years ago
- Self Cleanup in post-ex job☆59Sep 10, 2024Updated last year
- 40行代码检测到大部分CobaltStrike的shellcode☆293Jul 25, 2021Updated 4 years ago
- OrcaC2是一款基于Websocket加密通信的多功能C&C框架,使用Golang实现。☆676Dec 30, 2022Updated 3 years ago
- 一个浏览器数据(密码|历史记录|Cookie|书签|下载记录)的导出工具,支持主流浏览器。☆788Nov 15, 2024Updated last year
- golang 实现的windows and linux 端口复用工具。☆309Jan 30, 2024Updated 2 years ago
- 一键生成免杀木马的 shellcode 免杀框架☆192Jun 28, 2024Updated last year
- 蓝队应急工具☆541Jun 10, 2024Updated last year
- A BOF/COFF loader implemented in Go and CGO.☆23Jan 16, 2024Updated 2 years ago
- 制作 shellcode 的模板☆31Oct 30, 2024Updated last year
- Using DLL sideloading to hijack the exe main thread before starting it! 使用dll侧载在exe程序主线程启动之前劫持主线程。☆26Jul 25, 2025Updated 6 months ago