INotGreen / XiebroC2

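Penetration-testing C2 with Lua plugin extensions, domain fronting/CDN callbacks, custom profiles, prepended sRDI, file management, process management, in-memory loading, screenshots, reverse proxy, and group management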
https://github.com/INotGreen/XiebroC2/wiki
1.01k stars 155 forks

Windows Defender Detects XiebroC2 Build Instantly #20

Closed 0x1x02 closed 6 months ago

0x1x02 commented 7 months ago

Hello! @INotGreen

I wanted to congratulate you on the remarkable work you've done with the XiebroC2 project. It's truly impressive and showcases your expertise in this field. However, I've encountered an issue where Windows Defender instantly detects the build, which could potentially hinder its adoption among users. I understand that antivirus detection can be challenging, but addressing this issue could greatly benefit the project's usability. Thank you for your dedication to this project, and I look forward to seeing how it progresses in the future.

Best regards,

0x1x02

INotGreen commented 7 months ago

Thanks bro. What I'm trying to say is that the reason it was detected by Defender is that I obfuscated the Controller and Teamserver with UPX compression, which made the program smaller, but Windows Defender apparently detects it. And with the abuse of XiebroC2, more AV/EDR will counter it. Finally, if you are not confident about the security of the program, you can use it in a virtual machine. For the sake of my reputation, I mustn't place a backdoor in it.
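An added example, not part of this thread or of the XiebroC2 project: a defender-side triage check that reads a PE file's section table and reports the usual signs of UPX packing, the property the maintainer names as the cause of the detection. The function names and the sample header bytes are constructed for illustration, and this is not a description of how Windows Defender itself decides.

```python
import struct

WX = 0x20000000 | 0x80000000  # IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE

def pe_sections(data: bytes):
    """Return [(name, virtual_size, raw_size, characteristics)] from PE headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off, = struct.unpack_from("<I", data, 0x3C)      # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0" or len(data) < pe_off + 24:
        raise ValueError("missing or truncated PE header")
    n_sections, = struct.unpack_from("<H", data, pe_off + 6)
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    table = pe_off + 24 + opt_size                      # section table start
    if table + 40 * n_sections > len(data):
        raise ValueError("truncated section table")
    out = []
    for off in range(table, table + 40 * n_sections, 40):
        name, vsize, _va, raw_size = struct.unpack_from("<8sIII", data, off)
        chars, = struct.unpack_from("<I", data, off + 36)
        out.append((name.rstrip(b"\0").decode("latin-1"), vsize, raw_size, chars))
    return out

def upx_indicators(data: bytes):
    """Return reasons the file looks UPX-packed; an empty list means none found."""
    reasons = []
    for name, vsize, raw_size, chars in pe_sections(data):
        if name.startswith("UPX"):
            reasons.append(f"section named {name}")
        if raw_size == 0 and vsize > 0 and chars & WX == WX:
            reasons.append(f"{name}: empty on disk, writable and executable in memory")
    return reasons

def build_sample(sections):
    """Constructed PE headers only (no code, not runnable), used as demo input."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 0, 0x22)
    rows = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0x1000, rs, 0x200, 0, 0, 0, 0, ch)
                    for n, vs, rs, ch in sections)
    return dos + b"PE\0\0" + coff + rows

PACKED = build_sample([(b"UPX0", 0x8000, 0, 0xE0000080),
                       (b"UPX1", 0x3000, 0x2A00, 0xE0000040),
                       (b".rsrc", 0x1000, 0x400, 0xC0000040)])
PLAIN = build_sample([(b".text", 0x3000, 0x2A00, 0x60000020),
                      (b".data", 0x1000, 0x200, 0xC0000040)])

if __name__ == "__main__":
    for label, blob in (("packed", PACKED), ("plain", PLAIN)):
        print(label, upx_indicators(blob) or "no UPX indicators")
```

A hit is a triage signal to unpack and inspect the file further, not a verdict on what the file does.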