lengjibo / Foureye
Licence: apache-2.0
AV Evasion Tool For Red Team Ops
Stars: ✭ 421
Programming Languages
shellcode
44 projects
Labels
Projects that are alternatives of or similar to Foureye
DNSWho
transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
Stars: ✭ 47 (-88.84%)
Mutual labels: antivirus-evasion, redteam
Avsignseek
Tool written in python3 to determine where the AV signature is located in a binary/payload
Stars: ✭ 284 (-32.54%)
Mutual labels: antivirus-evasion
0xsp Mongoose
a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-0.48%)
Mutual labels: redteam
MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+102.85%)
Mutual labels: redteam
Awesome Red Teaming
List of Awesome Red Teaming Resources
Stars: ✭ 4,223 (+903.09%)
Mutual labels: redteam
Cobalt strike extension kit
Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (-18.05%)
Mutual labels: redteam
Lolbas
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+804.99%)
Mutual labels: redteam
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-9.26%)
Mutual labels: redteam
Overlord
Overlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-38.72%)
Mutual labels: redteam
Pidense
🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Stars: ✭ 358 (-14.96%)
Mutual labels: redteam
Gray hat csharp code
This repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-28.5%)
Mutual labels: redteam
Redteam Research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
Stars: ✭ 330 (-21.62%)
Mutual labels: redteam
FourEye(重明) - AV Evasion Tool For Red Team Ops
用于快速生成免杀的 EXE 可执行文件,目前拥有三种免杀方法。
______ ___
(_) | / (_)
_|_ __ ,_ \__ _
/ | |/ \_| | / | / | | |/
(_/ \__/ \_/|_/ |_/\___/ \_/|/|__/
/|
\|
v1.8 stable !
author [email protected] Lab !
FourEye BypassFrameWork | BypassAV your shellcode && exe
声明
仅限用于技术研究和获得正式授权的测试活动。
安装方法
推荐使用kali linux系统安装.
git clone https://github.com/lengjibo/FourEye.git
cd FourEye
chmod 755 setup.sh
./setup.sh
python3 BypassFramework.py
因为是linux下编译,所以编译文件会有体积大的问题,该工具为三天内的产物,可能有不少bug,欢迎在issus处与我反馈
使用方法
shellcode
python3 BypassFramework.py
选择shellcode
选择免杀方式,1:Fiber、2:APC、3:图片分离,选择加密方式,xor或者rot13,然后输入shellcode,选择位数,x64或者x86
执行execute
exe
选择exe,然后输入exe即可
demo。已上传至B站。
https://www.bilibili.com/video/BV1zy4y1S7ZM/
https://www.bilibili.com/video/BV1Sh411Z7qc
https://www.bilibili.com/video/BV1b54y1x7RT
引用
大多数方法均为网上已经公开的方法,本人只是对其整合、优化,多来自于ired,感谢其分享精神。
update
2020.2.03: 火绒已对其标记,且用且珍惜
2020.12.14:增加其对exe的免杀,方法参考@bats3c,若使用报错请安装x86_64-w64-mingw32-gcc
2021.01.03: 增加x86、x64的支持
2021.01.09: 隐藏窗口
2021.01.26: 增加UUID免杀方法,修复部分bug,增加安装脚本@zhzyker
TODO
- 增加更多的免杀、shellcode加密方法
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].