huoji120 / white_patch_detect
通杀检测基于白文件patch黑代码的免杀技术的后门
☆152Updated 7 months ago
Alternatives and similar repositories for white_patch_detect:
Users that are interested in white_patch_detect are comparing it to the libraries listed below
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆128Updated 4 months ago
- ☆56Updated 7 months ago
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆127Updated last year
- 无Windows API的新型恶意程序:自缺陷程序利用堆栈溢出的隐匿稳定攻击技术研究,A new type of malicious program without Windows API☆81Updated last week
- 使用Visral Studio开发ShellCode☆189Updated last year
- Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode☆140Updated 9 months ago
- 关于RPC一些绕EDR的tips☆164Updated 2 years ago
- Cobalt Strike 二开项目☆182Updated 2 years ago
- 免杀主流防病毒软件☆100Updated last week
- A Blind EDR Project for Educational Purposes☆26Updated 2 months ago
- Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response)…☆64Updated 3 weeks ago
- 白加黑的快速生成器(针对IAT类型)☆95Updated 2 years ago
- Binary Hollowing☆71Updated 6 months ago
- 主要用于隐藏进程真实路径,进程带windows真签名☆102Updated 5 months ago
- 重构Beacon☆153Updated 7 months ago
- Generate DLL Hijacking Payload in batches.☆128Updated 7 months ago
- IDA Python script for generating Windows x86 shellcode with one click☆37Updated last year
- dll劫持、dll hijack、Bypass Antivirus、Red Team☆42Updated 4 months ago
- Redeemer C2是一款使用Rust编写的平台型C2,旨在滥用可信域名的API平台进行命令控制,用来对抗恶意域名巡查,是一款专注于权限维持的C2工具。☆66Updated 2 months ago
- more conveniently Visual-Studio-BOF-template☆62Updated last year
- 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus☆67Updated 2 years ago
- 添加计划任务方法集合☆275Updated last year
- PE to shellcode☆26Updated 2 months ago
- XOR 加密 分离免杀☆64Updated last year
- beta☆116Updated 6 months ago
- ☆91Updated 3 years ago
- ☆154Updated 9 months ago
- ☆43Updated 3 months ago
- 通过文件加载和远程URL加载方式实现Shellcode分离加载☆31Updated last year
- 天问之路☆28Updated last month