Syscall免杀

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

助力每一位RT队员，快速生成免杀木马

千机-红队免杀木马自动生成器 Bypass defender、火绒、360等国内主流杀软 随机加密混淆shellcode快速生成免杀马

Golang weaponization for red teamers.

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

A simple, semantic and developer-friendly golang crypto package

*fork* of https://github.com/burrowers/garble

Command line tool to edit resources of exe

免杀框架

EDR绕过demo

This repo contains C/C++ snippets that can be handy in specific offensive scenarios.

整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术，并搜集汇总了一些资料和工具。

Shoggoth: Asmjit Based Polymorphic Encryptor

Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists

Callback Function Loader Implemented in Go

EXE转ShellCode工具

This is my FirstRepository

掩日 - 免杀执行器生成工具

Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

A list of python tools to help create an OPSEC-safe Cobalt Strike profile.

windows-rs shellcode loaders

学习免杀的笔记

Yaegi is Another Elegant Go Interpreter

Alternative Shellcode Execution Via Callbacks

bypassAll静态引擎，如绕过QVM，绕过VT所有静态引擎

Converts PE into a shellcode

将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密

darkPulse是一个用go编写的shellcode Packer，用于生成各种各样的shellcode loader，免杀火绒，360核晶等国内常见杀软。