{"id":14637734,"url":"https://github.com/Mangofang/BypassLoad","last_synced_at":"2025-09-07T05:32:55.251Z","repository":{"id":218491994,"uuid":"746501888","full_name":"Mangofang/BypassLoad","owner":"Mangofang","description":"shellcode免杀加载器，过主流杀软","archived":false,"fork":false,"pushed_at":"2024-09-29T13:01:08.000Z","size":311,"stargazers_count":131,"open_issues_count":0,"forks_count":16,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-01-02T10:37:32.528Z","etag":null,"topics":["shellcode-loader"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Mangofang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-22T06:02:12.000Z","updated_at":"2024-12-24T01:03:54.000Z","dependencies_parsed_at":"2025-01-02T10:34:59.823Z","dependency_job_id":"9543cec8-ca66-4e4d-867c-8b8752c1b8fe","html_url":"https://github.com/Mangofang/BypassLoad","commit_stats":null,"previous_names":["mangofang/bypassload"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/Mangofang/BypassLoad","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mangofang%2FBypassLoad","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mangofang%2FBypassLoad/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mangofang%2FBypassLoad/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mangofang%2FBypassLoad/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Mangofang","download_url":"https://codeload.github.com/Mangofang/BypassLoad/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mangofang%2FBypassLoad/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273997192,"owners_count":25204496,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["shellcode-loader"],"created_at":"2024-09-10T02:01:11.473Z","updated_at":"2025-09-07T05:32:54.951Z","avatar_url":"https://github.com/Mangofang.png","language":"C#","funding_links":[],"categories":["C# #"],"sub_categories":[],"readme":"# BypassLoad\n**通过远程加载AES + XOR异或加密shellcode的免杀加载器，无过多技术细节。**\n\n| shellcode | 360杀毒    | 火绒 | Defender | 腾讯电脑管家 | VT |\n| --------- | -----------| --- | -------  | ------------- |  --  |\n| Meterpreter  | √       |   √ |    √      | √           |  13/69  |\n| Cobalt Strike| √   |   √ |    √      | √           |   13/69 |\n\n推荐Meterpreter生成shellcode，Cobalt Strike在尝试远程加载的shellcode时可能被360拦截\n\n可自行`加壳`或`修改`程序尝试\n\n**releases程序可能会被杀软hash标记，保证免杀效果请自行编译**\n\n**如果你不知道怎么做，不推荐使用该程序**\n\n## 声明：\n1. 文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用，任何人不得将其用于非法用途以及盈利等目的，否则后果自行承担！\n2. 水平不高，纯萌新刚刚开始研究免杀，面向Github编程借鉴了很多大佬的代码。\n3. 目前测试通过360、火绒、腾讯电脑管家、Defender。其他自行测试\n\n## 使用指南\n\n1. 编译BypassLoad和Encrypt\n2. 将shellcode写入shellcode.txt然后运行Encrypt.exe进行加密编码（注意需要手动去除换行）\n3. 将Encrypt.exe加密编码后的数据上传至服务器\n4. 将远程访问链接写入webpath.txt\n5. 运行BypassLoad.exe\n\n注意：存在一段if判断内存是否小于4G，进行简单的反沙箱判断。\n\n## 更新\n2024年03月11日\n  1. 更新2.0 使用.Net内置函数替换原有使用的Windows函数\n  \n2024年01月29日\n  1. 效果优化，更换加载方式\n  2. 不再提供releases，请自行编译\n\n2024年01月26日\n  1. 效果优化\n  2. 请不要将程序放入沙箱，以延长免杀时间\n\n2024年01月24日\n  1. 效果优化，现已免杀Defender\n  2. 现在基于.NET Framework4.7.2框架\n  3. 移除了一段无效代码\n\n\u003cp align=\"center\"\"\u003e\n  \u003cimg src=\"https://github.com/Mangofang/BypassLoad/blob/main/image/%7BCFE2B5D0-BF30-4063-9ADC-6426314F6132%7D.png\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/Mangofang/BypassLoad/blob/main/image/%7BAB76D9F0-6FF6-424c-BA8C-5AC09209FF61%7D.png\"\u003e\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMangofang%2FBypassLoad","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMangofang%2FBypassLoad","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMangofang%2FBypassLoad/lists"}