Antivirus Software and AV-Evasion Techniques: Resource Collection (Anti-av)

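Materials on antivirus software and AV evasion, including 200+ tools and 1300+ articles
Payload, Shellcode, obfuscation, PowerShell, steganography, injection, remote control, Anti-av, antivirus bypass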

veil

Tools


Articles

ASWCrypter


Tools

AVIator


Tools


Articles

Avet


Tools


Articles

Avoidz


Tools

  • [119 stars][12d] [Ruby] m4sc3r4n0/avoidz Avoidz tool to bypass most A.V softwares

BDF


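Tools


Articles

CACTUSTORCH


Tools


Articles

DKMC


Tools

  • [761 stars][1y] [Py] mr-un1k0d3r/dkmc DKMC – Dont kill my cat – Malicious payload evasion tool

Articles

GreatSCT


Tools

  • [778 stars][2y] [Py] greatsct/greatsct Generates metasploit payloads that bypass common antivirus solutions and application whitelisting solutions

Articles

Green-Hat-Suite


Tools

  • [107 stars][12d] [Ruby] green-m/green-hat-suite Green hat suite is a tool for generating meterpreter/shell that can evade antivirus software.

HERCULES


Tools

  • [471 stars][3y] [Go] egebalci/hercules HERCULES is a special payload generator that can bypass antivirus software.

Articles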

Python-Rootkit


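Tools

SharpShooter


Tools


Articles

SpookFlare


Tools

  • [780 stars][1y] [Py] hlldz/spookflare Loader and dropper generator with multiple features for bypassing client-side and network-side countermeasures.

Articles

TheFatRat


Tools

  • [3659 stars][3m] [C] screetsec/thefatrat Large-scale exploitation tool
  • [20 stars][4y] [C] exploit-install/thefatrat A simple tool that uses msfvenom (part of the metasploit framework) to generate backdoors. The tool compiles malware with popular payloads, and the compiled malware can then be executed on windows, android and mac. Malware created with this tool can also bypass most AV software protection

Articles

Venom


Tools


Articles

Winpayloads


Tools


Articles

nps_payload


Tools

  • [331 stars][12d] [Py] trustedsec/nps_payload Python script that generates payloads able to bypass basic intrusion detection
  • [32 stars][2m] [Py] fsacer/nps_payload This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (

Articles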

zirikatu


Tools


Articles

unicorn


Tools

  • [2209 stars][4m] [Py] trustedsec/unicorn Injects Shellcode directly into memory via a PowerShell downgrade attack

Shellter


Articles

dr0p1t


Tools


Articles

phantom


Tools

  • [778 stars][4m] [Py] oddcod3/phantom-evasion An antivirus evasion tool written in python (compatible with both python and python3), able to generate (almost) fully undetectable executables, even with the most common x86 msfvenom payloads.

Articles

morphaes


Tools

  • [262 stars][2y] [Py] cryptolok/morphaes Polymorphic shellcode engine with metamorphic properties, able to bypass sandboxes and IDPS detection

Articles

unibyav


Tools

  • [195 stars][2y] [Py] mr-un1k0d3r/unibyav a simple obfuscator that take raw shellcode and generate executable that are Anti-Virus friendly.

armor


Tools

  • [186 stars][2y] [Shell] tokyoneon/armor Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

foolav


Tools

  • [177 stars][1m] [C] hvqzao/foolav Pentest tool for antivirus evasion and running arbitrary payload on target Wintel host
  • [87 stars][2m] [C] hvqzao/foolavc foolav successor – loads DLL, executable or shellcode into memory and runs it effectively bypassing AV

Articles

Inception


Tools

  • [307 stars][2y] [Py] two06/inception Provides In-memory compilation and reflective loading of C# apps for AV evasion.

CarbonCopy


Tools

  • [708 stars][12m] [Py] paranoidninja/carboncopy A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

metasploitavevasion


Tools

SideStep


Tools


Articles

nativepayload_dns


Tools

HackTheWorld


Tools

Salsa-tools


Tools

  • [322 stars][3m] [C#] hackplayers/salsa-tools ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched

mcreator


Tools

Antivirus software


ClamAV

Tools

  • [1064 stars][10d] [C++] cisco-talos/clamav-devel Open-source AV engine ClamAV
  • [409 stars][11d] cisco-talos/clamav-faq ClamAV FAQ
  • [354 stars][15d] [Shell] extremeshok/clamav-unofficial-sigs ClamAV Unofficial Signatures Updater maintained by eXtremeSHOK.com
  • [266 stars][17d] [Shell] essandess/macos-fortress Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
  • [86 stars][11d] [Dockerfile] mko-x/docker-clamav Dockerized open source antivirus for use with file sharing containers, REST API or TCP.
  • [81 stars][17d] [Py] momika233/clamav_0day_exploit ClamAV_0Day_exploit
  • [60 stars][12d] [Ruby] kobaltz/clamby ClamAV interface to your Ruby on Rails project.
  • [43 stars][7y] [Py] sketchymoose/totalrecall Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.
  • [38 stars][2m] [C++] cisco-talos/clamav-bytecode-compiler ClamAV ByteCode Compiler
  • [35 stars][2y] [Py] cisco-talos/casc Helps create ClamAV NDB and LDB signatures from IDA's disassembly and strings windows
  • [33 stars][4m] [Perl] tripflex/cpsetup Intuitive bash/shell script to setup and harden/configure cPanel CentOS/RHEL server with ConfigServer Firewall, MailManage, MailQueue, Malware Detect, ClamAV, mod_cloudflare, CloudFlare RailGun, and many more applications and security tweaks
  • [28 stars][6m] brandonprry/clamav-fuzz A fuzz job for ClamAV
  • [23 stars][24d] geerlingguy/ansible-role-clamav Ansible Role – ClamAV.
  • [11 stars][1y] [C#] rmuch/clamav.managed ClamAV bindings for the .NET Framework, Mono and PowerShell. ClamAV.Managed is a library written in C# for the .NET Framework and Mono, providing managed bindings for the libclamav interface. It includes ClamAV.Managed.PowerShell, a set of PowerShell cmdlets for ClamAV scanning. It comes with sample code for building a GUI virus scanner applicat…
  • [10 stars][3m] [Py] abhinavbom/clara Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  • [9 stars][1y] [Go] monostream/muescheli A simple AntiVirus-as-a-Service implementation using ClamAV
  • [4 stars][1y] [Py] hestat/clamav-cortexanalyzer Analyzer for TheHive Cortex Soc platform. Allows you to run observables against default and custom ClamAV rules.
  • [2 stars][1m] [Ruby] simp/pupmod-simp-clamav The SIMP clamav Puppet Module

Articles


phpmussel

Tools

  • [312 stars][13d] [PHP] phpmussel/phpmussel PHP-based anti-virus anti-trojan anti-malware solution.

AntiSpy

Tools

  • [717 stars][15d] [C] mohuihui/antispy AntiSpy is a free but powerful anti virus and rootkits toolkit. It offers you the ability with the highest privileges that can detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malwares hidden from normal detectors.

Articles


TinyAntivirus

Tools

  • [296 stars][3y] [C++] develbranch/tinyantivirus TinyAntivirus is an open source antivirus engine designed for detecting polymorphic virus and disinfecting it.

yourav

Tools


Armadito

Tools


kicomav

Tools

  • [197 stars][12d] [Py] hanul93/kicomav KicomAV is an open-source (GPL v2) antivirus engine for detecting malware and disinfecting it.

Tools

  • [335 stars][14d] [Java] widdix/aws-s3-virusscan Antivirus for S3 Buckets
  • [107 stars][2y] [C] formyown/alesense-antivirus An open-source antivirus with a complete interactive interface and driver-level interception capability
  • [33 stars][3y] [Py] jkkj93/mint-webshell-defender Mint WEBSHELL Defender, a WEBSHELL detection/defense program written in PYTHON
  • [26 stars][4y] [Java] whyalwaysmea/mobilesafe An android mobile security guard with the following features: 1. anti-theft 2. blacklist settings 3. software management 4. process management 5. traffic statistics 6. cache cleaning 7. mobile antivirus 8. caller location display 9. number location lookup 10. app lock
  • [12 stars][4y] [C++] majian55555/mjantivirusengine Anti-virus engine in Windows using VC++ 6.0 and MFC. We applied windows multithreading in virus scan method and user interface. Using MFC encapsulated threads library and Win32 APIs as well.
  • [9 stars][5m] [VBScript] zelon88/hr-av A fully original Windows anti-virus client from HonestRepair using the same custom antivirus engine as our Cloud.
  • [1 star][2y] zhiyuanwang-chengdu-qihoo360/superantispyware_poc SUPERAntiSpyware CVE

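Abuse of trusted programs


Articles - abuse of trusted programs


Articles - trusted executable plus malicious DLL ("white plus black")


Articles - LOLBins

SysWhispers


Articles

Tools


Resource collections

  • [564 stars][1y] [ASP] landgrey/webshell-detect-bypass Research articles on Webshells that bypass detection by professional tools, and AV-evading Webshells
  • [465 stars][3m] [C#] tidesec/bypassantivirus A series of articles on AV evasion for remote-control tools, with accompanying tools; collects dozens of AV-evasion tools and methods from the internet and tests the evasion effect of each one, as a reference for remote-control AV evasion and for antivirus countermeasures against it.

Newly added

Articles


Newly added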


Msfvenom

Msfvenom

Youtube

hackingarticles


AntiVirus


AV software / antivirus / AV


Remote-control AV evasion: from beginner to practice


Malicious code


webshell

from github