Breaking News: Chinese AVs Outwitted by Go Code

The GitHub repository «darkPulse» by user «fdx-xdf» is a shellcode packer written in Go.

📌Purpose: darkPulse is designed to generate various shellcode loaders that can evade detection by Chinese antivirus software such as Huorong and 360 Total Security.

📌Shellcode Loader Generation: Generates different types of shellcode loaders.

📌Antivirus Evasion: Focuses on evading detection by popular Chinese antivirus programs like Huorong and 360 Total Security.

📌Encryption and Obfuscation: Supports AES and XOR encryption, and UUID/words obfuscation to reduce entropy.

📌Loading Techniques: Supports multiple loading techniques including callback, fiber, and earlybird. These can be used in indirect syscall and unhook modes.

📌Encoding: Utilizes the Shikata ga nai encoder, ported into Go with several improvements.

📌SysWhispers3: Uses SysWhispers3 for indirect syscall implementation.
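
For defenders, the encryption and obfuscation item above means an entropy-only heuristic will miss a blob once it is stored as UUID text, while a long run of adjacent UUID-shaped strings is itself a usable signal. The Python below is an added example, not code from darkPulse or from this post; the function names, thresholds and samples are assumptions constructed for illustration.

```python
import hashlib
import math
import re
import uuid
from collections import Counter

UUID_RE = re.compile(rb"[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}")

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def longest_uuid_run(data: bytes, max_gap: int = 8) -> int:
    """Longest chain of UUID-shaped strings separated by at most max_gap bytes."""
    best = run = 0
    prev_end = None
    for m in UUID_RE.finditer(data):
        adjacent = prev_end is not None and m.start() - prev_end <= max_gap
        run = run + 1 if adjacent else 1
        best = max(best, run)
        prev_end = m.end()
    return best

def triage(data: bytes, entropy_limit: float = 7.2, min_run: int = 16) -> str:
    """Thresholds are illustrative assumptions; tune them on your own corpus."""
    if shannon_entropy(data) >= entropy_limit:
        return "high-entropy"
    if longest_uuid_run(data) >= min_run:
        return "uuid-run"
    return "clean"

# Constructed samples: hash output stands in for an encrypted blob (no real payload).
BLOB = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))
ENCODED = "\n".join(
    str(uuid.UUID(bytes=BLOB[i:i + 16])) for i in range(0, len(BLOB), 16)
).encode()
BENIGN = b"service started; instance 123e4567-e89b-12d3-a456-426614174000; port 8080\n" * 20

if __name__ == "__main__":
    for name, sample in (("blob", BLOB), ("uuid-encoded", ENCODED), ("benign", BENIGN)):
        print(f"{name:13} entropy={shannon_entropy(sample):.2f} "
              f"run={longest_uuid_run(sample):3} -> {triage(sample)}")
```

The run check only covers ASCII UUID text; UTF-16 strings and the words-based variant need their own signals.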