Coder Social home page Coder Social logo

obfusion's Introduction

Obfusion - C++ X86 Code Obfuscation Library

This library handles obfuscation of assembled X86 machine code in order to make it harder to read and analyze during the reverse engineering process.

Should work very well with obfuscating shellcode that is later embedded with executable files. If shellcode is known to security products, the obfuscation process should make it bypass any signature detection scans.

This is a follow-up to the research I did on obfuscation of x86 instructions that I documented on my blog:

X86 Shellcode Obfuscation - Part 1

X86 Shellcode Obfuscation - Part 2

X86 Shellcode Obfuscation - Part 3

Library was initially compiled with MSVS2008, so there should be no compatibility issues even if you try to compile it using newer versions of Visual Studio.

Makefiles for Linux are coming soon(ish).

Examples

See examples/ directory to learn how to implement this library in your own projects.

Demo

Here is the disassembled sample shellcode that spawns calc.exe in original form: original shellcode

And here is the disassembly of the same sample shellcode after the 3-pass obfuscation process: obfuscated shellcode

How to compile

Windows

Open the .sln solution in Visual Studio (at least version 2008) and click Build Solution

Linux

Navigate to project directory and type:

cmake .
make
sudo make install

External libraries

Hacker Disassembler Engine 32/64 Copyright (c) 2006-2009, Vyacheslav Patkov. All rights reserved.

Contact

E-mail: kuba -at- breakdev.org

License

Library is released under GNU/GPL version 3.0

Copyright (c) 2016 Kuba Gretzky

obfusion's People

Contributors

kgretzky avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.