{"id":14637793,"url":"https://github.com/Pizz33/Qianji","last_synced_at":"2025-09-07T06:30:49.304Z","repository":{"id":196189965,"uuid":"695062051","full_name":"Pizz33/Qianji","owner":"Pizz33","description":"千机-红队免杀木马自动生成器  Bypass defender、火绒、360等国内主流杀软 随机加密混淆shellcode快速生成免杀马","archived":true,"fork":false,"pushed_at":"2024-01-14T11:41:22.000Z","size":89,"stargazers_count":382,"open_issues_count":0,"forks_count":39,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-01-02T10:37:42.622Z","etag":null,"topics":["bypass-antivirus","cobaltstrike","golang","redteam","shellcode"],"latest_commit_sha":null,"homepage":"https://github.com/Pizz33/Qianji","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Pizz33.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-22T09:15:26.000Z","updated_at":"2024-12-30T01:43:00.000Z","dependencies_parsed_at":"2023-09-26T14:57:59.901Z","dependency_job_id":"5b4cee45-3a95-4b49-8f49-c43dfab0ebe4","html_url":"https://github.com/Pizz33/Qianji","commit_stats":null,"previous_names":["pizz33/qianji"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/Pizz33/Qianji","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pizz33%2FQianji","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pizz33%2FQianji/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pizz33%2FQianji/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pizz33%2FQianji/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Pizz33","download_url":"https://codeload.github.com/Pizz33/Qianji/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Pizz33%2FQianji/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274005341,"owners_count":25205934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bypass-antivirus","cobaltstrike","golang","redteam","shellcode"],"created_at":"2024-09-10T02:01:16.186Z","updated_at":"2025-09-07T06:30:48.945Z","avatar_url":"https://github.com/Pizz33.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"\n\u003ch1 align=\"center\"\u003e千机-红队免杀木马自动生成器 By Hyyrent\u003c/h1\u003e\n\n## 停止维护声明\n\n后续开发将作为私有项目使用，停止更新 （主要是楼主懒，想多玩几把心之钢🤡）\n\n如果想要对抗规避国外EDR，建议围绕 `arsenal_kit` 对bin进行二开，shellcode加载器具有局限性\n\n![20240105155414](https://github.com/Pizz33/Qianji/assets/88339946/c58e03c0-0582-477b-bfb4-33230d96b507)\n\n![20240108152922](https://github.com/Pizz33/Qianji/assets/88339946/ebac3bc6-de03-4a7b-8926-12058159daf7)\n\n![image-20231228145503024 (2)](https://github.com/Pizz33/Qianji/assets/88339946/a55a12b0-e238-4797-98f8-0db7f2048c62)\n\n\n## 更新说明\n\n时间 2023/11/15 趁文章上架更新一波基础版，修复之前报毒问题，目前测试360、火绒、def都可以过，但可能过段时间又被加特征了，后续看情况随缘更新吧哈哈，祝各位师傅玩的开心！🤡🤡🤡\n\n⭐⭐⭐运行前先运行`安装依赖.bat`，接着按照文档把环境先搭建好，运行不起来没反应大概率是没安装gcc！（需要把gcc添加至环境变量path）\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/88e6fbe5-63bb-4ed9-9b81-21e548798eab)\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/f38462a3-73fc-488e-aee8-f020c33b5589)\n\n输出免杀马文件存放在output文件夹里\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/863b2dbd-122b-4543-af3e-990ee238357d)\n\n## 声明\n\n1. 仅限用于技术研究和获得正式授权的攻防项目，请使用者遵守《中华人民共和国网络安全法》，切勿用于任何非法活动，若将工具做其他用途，由使用者承担全部法律及连带责任，作者及发布者不承担任何法律及连带责任！\n2. 为了保证免杀持久性，暂不进行开源，测试尽量通过本地断网环境，避免多次上传沙箱。\n3. 主程序可能被部分杀软标记，若报毒为误报，请添加至杀软白名单。\n4. 使用前先按照文档步骤一步一步来，报错问题先百度自行解决，无营养的issue一律不回，感谢理解！\n5. 自开发程序无后门，不放心可移至虚拟机使用！\n\n## 开发目的\n\n在攻防对抗中，免杀木马是使用频率最高的东西，但是制作起来需要耗费大量时间精力，重复性工作会让人产生疲惫和厌烦！\n为了方便各位师傅在攻防比赛中快速生成免杀木马，取得更好的成绩，于是我决定开发一款全自动工具，只需要双击鼠标便可以生成免杀马！🤡🤡🤡 \n\n我这个人比较喜欢简便，因此设计开发工具时不想添加cmd运行命令和参数，主打一键化生成，更适合脚本小子宝宝的体质！\n\n每次生成对shellcode进行随机混淆加密，生成不同hash和字符串的木马文件，避免被杀软提取特征！⭐⭐⭐\n\n## 环境准备\n\n由于本人比较熟悉go，于是决定用go进行开发，但是说实话在开发过程中感受到了很多局限性，比如依赖库问题，后续开发还是选用其他语言较好\n\n环境准备：安装`go`和`git`，go版本需要`1.20`及以上\n\nhttps://golang.google.cn/dl/go1.21.0.windows-amd64.msi 下载安装go\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/4643a8ea-0eb3-47a5-834a-4cf4538e9c04)\n\nhttps://jmeubank.github.io/tdm-gcc/articles/2021-05/10.3.0-release 下载安装 gcc\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/08e88ebd-4742-4778-954a-afce7c6d6ec9)\n\n https://git-scm.com/download/win  下载安装git\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/9a049473-cb1a-4005-9521-4576d745d392)\n\n\n下载相关garble等相关依赖，命令如下，也可以直接运行压缩包里的`安装依赖.bat`\n\n```\nset GOPROXY=https://goproxy.cn,direct\ngo install mvdan.cc/garble@latest\ngo mod init 1\ngo get github.com/darkwyrm/b85\n```\n\n环境未搭建好，可能会出现以下报错，添加至环境变量即可，还有其他报错请自行百度\n\n```\ncannot get modified linker: exec: \"gcc\": executable file not found in %PATH%\ncannot get modified linker: exec: \"git\": executable file not found in %PATH%\ncannot get modified linker: exec: \"garble\": executable file not found in %PATH%\n```\n\n## 使用方法\n\n\n1、cobaltstrike都有吧，生成`stageless`的`raw`格式文件，把`beacon.bin`和主程序`Qianji_BypassAV.exe`放到同一目录下，别改名字不然会生成失败\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/26436df3-f8b4-4dc1-89af-1ac3e7f07e45)\n\n\n2、双击运行，不需要多余的操作，等待木马生成，成功会在当前目录下生成随机六位数的exe木马文件\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/dc004f1c-2b62-470d-9a32-1fc8f4d360ad)\n\n\n## 免杀效果\n\ndefender\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/a50fbf65-7aa3-4fcb-b48e-f84ac96e8395)\n\n\n火绒\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/aba329c1-1573-45a7-992c-c6072f8a74dc)\n\n\n360\n\n![image](https://github.com/Pizz33/Qianji/assets/88339946/5b71193c-b2b0-4adb-9883-beac56cae7f3)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FPizz33%2FQianji","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FPizz33%2FQianji","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FPizz33%2FQianji/lists"}