7 Repos
The process of decrypting strings by executing the original decryption logic within a controlled runtime environment.
Distinct from Dynamic Strings: None of the candidates cover the specific technique of executing binary code to retrieve plain-text strings.
Explore 7 awesome GitHub repositories matching security & cryptography · Dynamic String Decryption. Refine with filters or upvote what's useful.
de4dot is a .NET deobfuscator and unpacker designed to reverse obfuscation and restore readable code and metadata within .NET assemblies. It functions as a bytecode analyzer that simplifies control flow, strips anti-debugging protections, and extracts original payloads from packed executable wrappers. The project distinguishes itself through a modular deobfuscation pipeline and a sandbox environment used for dynamic string decryption, which executes decryption methods to replace encrypted strings with plain-text values. It can identify specific obfuscation tools through pattern-based binary a
Executes original decryption logic within a controlled sandbox to replace encrypted strings with plain-text values.
de4dot is a .NET deobfuscator, unpacker, and assembly analysis tool. It is designed to remove obfuscation layers, restore metadata, and simplify bytecode control flow to transform protected binaries back into human-readable code. The project features specialized systems for decrypting strings and constants using both static and dynamic analysis. It identifies specific protection tools through pattern-based detection and strips anti-analysis protections, such as tamper detection and anti-debugging code. The tool provides a suite of reverse engineering capabilities, including binary wrapper un
Executes decryption methods from a loaded assembly to replace encrypted string calls with plain-text values.
Pyarmor ist ein Toolset zum Schutz von Python-Software durch Quellcode-Obfuskation, Bytecode-Schutz und Binärkompilierung. Es fungiert als Code-Obfuskator, Bytecode-Protektor und Binär-Compiler, der darauf ausgelegt ist, Reverse Engineering und unbefugten Zugriff auf Python-Skripte und -Pakete zu verhindern. Das Projekt zeichnet sich durch die Bereitstellung eines umfassenden Software-Lizenzmanagers aus, der hardwaregebundene Lizenzierung ermöglicht. Dies erlaubt Entwicklern, die Skriptausführung an spezifische physische Geräte oder virtuelle Maschinen zu binden und strikte Ablaufdaten mittels verschlüsselter Laufzeitschlüssel durchzusetzen. Die breiteren Funktionen decken die sichere Verteilung durch die Generierung obfuskierter Wheels und eigenständiger ausführbarer Dateien für mehrere Plattformen ab. Die Sicherheitsoberfläche umfasst Laufzeit-Integritätsprüfungen, wie z. B. die Verhinderung von Debugger-Anhängen, Schutz auf Speicherebene und die Konvertierung von Python-Funktionen in kompilierte C-Erweiterungen. Das Tool enthält ein Command-Line-Interface und unterstützt die Integration in CI/CD-Pipelines, um den Obfuskationsprozess während der Builds zu automatisieren.
Hides sensitive plain-text strings within the source by encrypting them and decrypting them only during execution.
This project is a comprehensive Android reverse engineering suite that functions as a decompiler, bytecode deobfuscator, and malware analysis tool. It is designed to convert APK, DEX, and OAT binaries into human-readable source code using a native implementation that does not require a Java Virtual Machine. The platform is distinguished by its integration with Frida for dynamic analysis, allowing users to hook methods, inject custom JavaScript, and dump device memory in real time. It also features specialized security engines, including a taint propagation engine and a stack-state machine, to
Provides utilities to decrypt data using common encoding algorithms to reveal plain text values from binaries.
Dieses Projekt ist eine Wissensdatenbank für Red Teaming und ein Playbook für offensive Sicherheit, das darauf ausgelegt ist, das Verhalten von Angreifern zu simulieren. Es dient als umfassende Sammlung technischer Anleitungen und Taktiken für die Durchführung von Red-Team-Operationen. Das Repository bietet detaillierte Anweisungen für Active-Directory-Exploitation, einschließlich Kerberos-Missbrauch und Domain-Privilege-Escalation. Es behandelt Defense-Evasion durch API-Unhooking und Payload-Obfuskation sowie Windows-Internals-Forschung, die die Manipulation von Kernel-Objekten und Systemspeicher umfasst. Das Fähigkeitsspektrum erstreckt sich auf Netzwerk-Penetrationstests, Malware-Analyse und -Engineering sowie die Bereitstellung von Infrastruktur für offensive Sicherheit. Es enthält zudem Methoden für Lateral Movement, Persistenz und Datenexfiltration in Unternehmensumgebungen.
Implements encryption of static string constants within binaries to prevent static analysis by security researchers.
Flare-floss is a security utility and static binary string extractor designed to uncover hidden text and configuration data within compiled binaries. It functions as an obfuscated string decoder and reverse engineering tool to translate encoded strings into readable text for security auditing. The project employs emulated execution to capture the decrypted state of strings in memory by running small chunks of binary code in a virtual CPU. It further utilizes static analysis disassembly, intermediate representation analysis, and heuristic-based pattern matching to identify and decode strings t
Uses emulated execution in a virtual CPU to capture the decrypted state of strings in memory.
ConfuserEx is a security toolset for .NET applications that functions as a code obfuscator, binary encryptor, and application protector. Its primary purpose is to prevent reverse engineering by hiding sensitive application logic and data. The project employs specific hardening techniques including symbol renaming to hinder human readability and control-flow mutation to confuse decompilers. It further protects binaries by encrypting constants and resources to stop static analysis and memory dumping, while blocking the use of debuggers and profilers to prevent runtime analysis. Additional capa
Encrypts static string constants and embedded resources to prevent static analysis and memory dumping.