{"id":13845512,"url":"https://github.com/iframepm/FuckAV","last_synced_at":"2025-07-12T02:32:03.089Z","repository":{"id":37659078,"uuid":"398196087","full_name":"iframepm/FuckAV","owner":"iframepm","description":"python写的一款免杀工具（shellcode加载器）BypassAV，国内杀软全过（windows denfend）2021-9-13","archived":false,"fork":false,"pushed_at":"2022-06-22T02:05:41.000Z","size":10930,"stargazers_count":265,"open_issues_count":2,"forks_count":57,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-08-05T17:44:41.576Z","etag":null,"topics":["bypass-antivirus","python3","shellcode-loader"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/iframepm.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-08-20T07:42:05.000Z","updated_at":"2024-05-31T12:26:11.000Z","dependencies_parsed_at":"2022-07-18T01:16:53.644Z","dependency_job_id":null,"html_url":"https://github.com/iframepm/FuckAV","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iframepm%2FFuckAV","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iframepm%2FFuckAV/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iframepm%2FFuckAV/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iframepm%2FFuckAV/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/iframepm","download_url":"https://codeload.github.com/iframepm/FuckAV/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225784778,"owners_count":17523702,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bypass-antivirus","python3","shellcode-loader"],"created_at":"2024-08-04T17:03:26.888Z","updated_at":"2024-11-21T18:32:18.440Z","avatar_url":"https://github.com/iframepm.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# FuckAV\n### 项目倒闭，停止维护！\n### powershell免杀还能用，exe稍微改一下还能过\n## [中文](https://github.com/iframepm/FuckAV/blob/main/README.md) [English](https://github.com/iframepm/FuckAV/blob/main/English_readme.md)\n\n[![Travis](https://img.shields.io/badge/%E7%89%88%E6%9C%AC-1.2-red)](1)  [![Travis](https://img.shields.io/badge/Time-9--13-brightgreen)](1)  [![Travis](https://img.shields.io/badge/python-3.6-brightgreen)](1)\n\n农民工写的免杀工具，2021-9-13\n## 更新记录\n### 时间 2021-9-13 版本：1.2\n1. shellcode加载方式由远程加载改为了本地加载，shellcode写死在了exe里面，因为远程加载太麻烦，点开直接上线更方便，现在直接运行shell.exe就能上线\n2. 增加了upx压缩，缩小了exe体积\n3. 自动更新图标文件的md5，防止图标资源成为查杀的特征码，现在不需要每隔一段时间次就替换图标文件\n4. 支持powershell脚本免杀（还没开发的，就这几天弄）\n5. 加载器已经被杀软分析透了，得大改才能活下去，开源之后差不多活了两个月，也还算可以了\n### 时间 2021-9-23 版本：1.3\n1. 去除了upx压缩，压缩率太低，没啥用，画蛇添足\n2. 每次都会重置ico还有py的文件名\n3. 封装了主main依赖库\n### 时间 2021-10-25 版本：2.0\n1. 加入了powershell免杀\n##  温馨提示\n\u003e 使用之前安装一下python库 pip install -r requirement.txt，出现啥依赖库报错，大家自己解决吧，因为这个每个人的环境不一样，解决个依赖库报错相信不是啥难题\n\n- 脚本采用python3.7编写,Windows环境！！！！！！\n\n- 采用pyinstaller打包，使用之前请安装pyinstaller\n\n- 运行之前先确认一下pip库有没有安装\n\n- 环境实在报错就用fuckav.exe\n\n- 因为开源了嘛，估计要不了半个月就会被加入360豪华套餐了，但是整个程序够简单，被杀了再去改几个特征码照样又可以免杀半个月，反正我自己用了半个月，一直都是国内杀软全过，保持更新，但是频率比较慢，因      为我只是个没用的安服\n\n- 不得不说这个脚本确实有很多地方是在造轮子，但是是有意造的轮子，看似造轮子，实则是为了以后方便魔改（说白了就是菜，因为我是一个没用的安服）\n\n- 因为脚本逻辑实在太过于简单，没啥技术含量，所以大家尽量还是不要把马子上传到云杀箱了吧，为了免杀活更久一点\n## 存活动态\n- 截止到 2021-8-20，360、火绒、Windows denfend、卡巴静态全过\n- 截止到 2021-8-28，360、火绒、Windows denfend、卡巴静态全过  2021-8-28更新\n- 截止到 2021-9-13，360、火绒、Windows denfend、静态全过，无法过360动态查杀（约一分钟之后就会报毒，可以再查杀之前选择进程注入。）\n- 截止到 2021-9-23，360、火绒动静态全过 Windows denfend、卡巴静态全过，更新了一下改了改规则，又能过了....不愧是md5查杀器\n- 截止到 2021-9-26，360、火绒动静态全过 Windows denfend、卡巴静态全过，Windows denfend、卡巴 动态杀\n- 截止到 2021-10-25，360、火绒动静态全过，卡巴，Windows denfend过不了（没有WD环境，懒得测）\n- 截止到 2022-6-22，停止更新了，我太懒了，本身不是做免杀的，而且涉及的技术栈太过于基础，没有维护下去的必要，后续可能会开发其他的免杀或者写点文章\n### VT查杀率：\n![image](https://s3.bmp.ovh/imgs/2021/09/44082aac1e090b1d.png)\n### exe：\n![image](https://z3.ax1x.com/2021/10/25/54odB9.gif)\n### powershell：\n![image](https://z3.ax1x.com/2021/10/25/544WBn.gif)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fiframepm%2FFuckAV","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fiframepm%2FFuckAV","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fiframepm%2FFuckAV/lists"}