{"id":13539765,"url":"https://github.com/nccgroup/winpayloads","last_synced_at":"2025-05-16T00:00:22.334Z","repository":{"id":43331826,"uuid":"43946043","full_name":"nccgroup/Winpayloads","owner":"nccgroup","description":"Undetectable Windows Payload Generation","archived":false,"fork":false,"pushed_at":"2022-11-08T08:14:23.000Z","size":23947,"stargazers_count":1588,"open_issues_count":13,"forks_count":335,"subscribers_count":105,"default_branch":"master","last_synced_at":"2025-04-08T10:35:04.460Z","etag":null,"topics":["antivirus","bypass","kali","metasploit","meter","msfconsole","netsec","payloads","persistence","powershell","python","uac","undetectable","windows"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nccgroup.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-10-09T09:29:49.000Z","updated_at":"2025-04-06T16:40:15.000Z","dependencies_parsed_at":"2022-07-12T18:18:56.280Z","dependency_job_id":null,"html_url":"https://github.com/nccgroup/Winpayloads","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FWinpayloads","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FWinpayloads/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FWinpayloads/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FWinpayloads/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nccgroup","download_url":"https://codeload.github.com/nccgroup/Winpayloads/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254442854,"owners_count":22071877,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["antivirus","bypass","kali","metasploit","meter","msfconsole","netsec","payloads","persistence","powershell","python","uac","undetectable","windows"],"created_at":"2024-08-01T09:01:31.611Z","updated_at":"2025-05-16T00:00:21.998Z","avatar_url":"https://github.com/nccgroup.png","language":"Python","readme":"# Winpayloads - Python2.7\nUndetectable Windows Payload Generation with extras Running on Python2.7\n\n## As usual, Don't upload payloads to any online virus checkers  \n- Virus Total Detection - Updated 25/01/2019 - 16/68 Detections  \nhttps://www.virustotal.com/#/file/a921ac7540c93bf03a8ed76158b445b5f8780d8f112405811ebbe820c0e3d5c3/detection\n\n## For Fully Undetectable Payloads please use the stager functionality [Youtube Video](https://youtu.be/eRl5H5wHqKY)\n\n## Docker!  \nNormal installation is deprecated, Please use docker now.  \n`docker pull charliedean07/winpayloads:latest`  \n`docker run -e LANG=C.UTF-8 --net=host -it charliedean07/winpayloads`  \n\n  \n## Features\n* UACBypass - PowerShellEmpire https://github.com/PowerShellEmpire/Empire/raw/master/data/module_source/privesc/Invoke-BypassUAC.ps1 Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.   \n* PowerUp - PowerShellEmpire https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerUp/PowerUp.ps1 Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.   \n* Invoke-Shellcode https://github.com/PowerShellMafia/PowerSploit/blob/master/CodeExecution/Invoke-Shellcode.ps1 Copyright (c) 2012, Matthew Graeber. All rights reserved.\n* Invoke-Mimikatz https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Invoke-Mimikatz.ps1 Copyright (c) 2012, Matthew Graeber. All rights reserved.\n* Invoke-EventVwrBypass https://github.com/enigma0x3/Misc-PowerShell-Stuff/blob/master/Invoke-EventVwrBypass.ps1 Matt Nelson (@enigma0x3)\n* Persistence - Adds payload persistence on reboot   \n* Psexec Spray - Spray hashes until successful connection and psexec payload on target   \n* Upload to local webserver - Easy deployment\n* Powershell stager - allows invoking payloads in memory \u0026 more\n* Anti sandboxing techniques\n* Custom shellcode \n\n## Check out the Wiki for installation and more!\nhttps://github.com/nccgroup/Winpayloads/wiki  \n\n![alt tag](https://raw.githubusercontent.com/Charliedean/charliedean.github.io/master/images/2016-02-16%2010_12_29-Kali2%20-%20VMware%20Workstation.png)\n\n# Video and Information on Blog  (OUTDATED)\nhttps://charliedean.github.io  \n","funding_links":[],"categories":["\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","\u003ca id=\"783f861b9f822127dba99acb55687cbb\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"80301821d0f5d8ec2dd3754ebb1b4b10\"\u003e\u003c/a\u003ePayload\u0026\u0026远控\u0026\u0026RAT","\u003ca id=\"ad92f6b801a18934f1971e2512f5ae4f\"\u003e\u003c/a\u003ePayload生成"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnccgroup%2Fwinpayloads","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnccgroup%2Fwinpayloads","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnccgroup%2Fwinpayloads/lists"}