From 51b20a97c592fff510836ca441ca26a108d49e2b Mon Sep 17 00:00:00 2001 From: PHPPlay <416539300@qq.com> Date: Thu, 13 Jun 2024 16:00:15 +0800 Subject: [PATCH] Update git.md --- git.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/git.md b/git.md index a1e519f..edf6776 100644 --- a/git.md +++ b/git.md @@ -3,17 +3,20 @@ ## 技术文章 ``` - +https://www.blackhat.com/us-24/arsenal/schedule/#boaz-yet-another-layered-evasion-tool-evasion-tool-evaluations-and-av-testing-38960 有趣的bypass av研究,开源免杀组合挑战vt,送样本,越开源,死的越快 +https://www.blackhat.com/us-23/arsenal/schedule/#tool-aids-in-monitoring-dynamic-scanning-33678 有趣的bypass av研究,没找到ppt ``` ## bypass av ``` https://github.com/RedSiege/C2concealer C2concealer是一个命令行工具,可以生成随机的C2延展性配置文件,用于Cobalt Strike。 -https://github.com/reveng007/DarkWidow 黑寡妇,一个可定制的免杀工具,针对Windows。针对edr +https://github.com/reveng007/DarkWidow 黑寡妇,一个可定制的免杀工具,针对Windows。针对edr进行测试 https://github.com/reveng007/Learning-EDR-and-EDR_Evasion/tree/main edr绕过学习相关代码 https://github.com/hasherezade/pe_to_shellcode 最好的shellcode提取工具,特点是提取后依然可以作为exe运行 https://github.com/peewpw/Invoke-PSImage exe转图,powershell加载 +https://github.com/ProcessusT/SharpVenoma/tree/main C# Cobalt Strike beacon,自定义选项 +https://github.com/chvancooten/NimPlant 一个用Nim和Python编写的轻量级第一阶段C2植入程序 ``` ## 内网 @@ -37,3 +40,9 @@ https://github.com/mrd0x/BITB 钓鱼模仿页面 ``` ``` + +## 反病毒 + +``` +https://github.com/mandiant/capa 一个反病毒沙箱,pe分析工具 +```
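Review bot: In the first hunk (`@@ -3,17 +3,20 @@`, the `## bypass av` block), the two new repository lines follow different URL conventions: `+https://github.com/ProcessusT/SharpVenoma/tree/main C# Cobalt Strike beacon,自定义选项` carries a trailing `/tree/main` while `+https://github.com/chvancooten/NimPlant ...` and almost every other entry in the list use the bare repository URL. Suggest dropping `/tree/main` here (and, while touching the block, from the existing `Learning-EDR-and-EDR_Evasion/tree/main` line) so the list is consistent; `/tree/main` resolves to the same page as the bare URL and breaks if the project renames its default branch.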
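Review bot: In the second hunk (`@@ -37,3 +40,9 @@`), the description added for capa is inaccurate: `+https://github.com/mandiant/capa 一个反病毒沙箱,pe分析工具` calls it an antivirus sandbox, but capa is a static tool that matches rules against disassembled PE, ELF, .NET and shellcode samples to report their capabilities; it never executes the sample, so "sandbox" will mislead readers looking for dynamic analysis. Suggest rewording to say it is a static capability-identification tool for PE/ELF/.NET/shellcode, and reconsider whether the new `## 反病毒` heading is the right home for a malware-analysis tool rather than the existing PE tooling under `## bypass av`. Also note the new section is appended directly after the empty ``` ``` fence pair left in the previous section; either fill or remove that empty block before adding another heading below it.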