7 repository-uri
The process of decrypting strings by executing the original decryption logic within a controlled runtime environment.
Distinct from Dynamic Strings: None of the candidates cover the specific technique of executing binary code to retrieve plain-text strings.
Explore 7 awesome GitHub repositories matching security & cryptography · Dynamic String Decryption. Refine with filters or upvote what's useful.
de4dot is a .NET deobfuscator and unpacker designed to reverse obfuscation and restore readable code and metadata within .NET assemblies. It functions as a bytecode analyzer that simplifies control flow, strips anti-debugging protections, and extracts original payloads from packed executable wrappers. The project distinguishes itself through a modular deobfuscation pipeline and a sandbox environment used for dynamic string decryption, which executes decryption methods to replace encrypted strings with plain-text values. It can identify specific obfuscation tools through pattern-based binary a
Executes original decryption logic within a controlled sandbox to replace encrypted strings with plain-text values.
de4dot is a .NET deobfuscator, unpacker, and assembly analysis tool. It is designed to remove obfuscation layers, restore metadata, and simplify bytecode control flow to transform protected binaries back into human-readable code. The project features specialized systems for decrypting strings and constants using both static and dynamic analysis. It identifies specific protection tools through pattern-based detection and strips anti-analysis protections, such as tamper detection and anti-debugging code. The tool provides a suite of reverse engineering capabilities, including binary wrapper un
Executes decryption methods from a loaded assembly to replace encrypted string calls with plain-text values.
Pyarmor este un set de instrumente pentru protejarea software-ului Python prin ofuscarea codului sursă, protecția bytecode-ului și compilarea binară. Funcționează ca un ofuscator de cod, protector de bytecode și compilator binar conceput pentru a preveni ingineria inversă și accesul neautorizat la scripturile și pachetele Python. Proiectul se distinge prin furnizarea unui manager de licențe software cuprinzător care permite licențierea legată de hardware. Acest lucru permite dezvoltatorilor să blocheze execuția scripturilor pe dispozitive fizice sau mașini virtuale specifice și să impună date de expirare stricte prin chei de runtime criptate. Capabilitățile sale mai largi acoperă distribuția securizată prin generarea de wheels ofuscate și executabile independente pentru mai multe platforme. Suprafața de securitate include verificări de integritate la runtime, cum ar fi prevenirea atașării debugger-ului, protecția la nivel de memorie și conversia funcțiilor Python în extensii C compilate. Instrumentul include o interfață în linie de comandă și suportă integrarea în pipeline-uri de integrare continuă (CI) pentru a automatiza procesul de ofuscare în timpul build-urilor.
Hides sensitive plain-text strings within the source by encrypting them and decrypting them only during execution.
This project is a comprehensive Android reverse engineering suite that functions as a decompiler, bytecode deobfuscator, and malware analysis tool. It is designed to convert APK, DEX, and OAT binaries into human-readable source code using a native implementation that does not require a Java Virtual Machine. The platform is distinguished by its integration with Frida for dynamic analysis, allowing users to hook methods, inject custom JavaScript, and dump device memory in real time. It also features specialized security engines, including a taint propagation engine and a stack-state machine, to
Provides utilities to decrypt data using common encoding algorithms to reveal plain text values from binaries.
This project is a red teaming knowledge base and offensive security playbook designed to simulate adversary behavior. It serves as a comprehensive collection of technical guides and tactics for executing red team operations. The repository provides detailed instructions for Active Directory exploitation, including Kerberos abuse and domain privilege escalation. It covers defense evasion through API unhooking and payload obfuscation, as well as Windows internals research involving the manipulation of kernel objects and system memory. The capability surface extends to network penetration testi
Implements encryption of static string constants within binaries to prevent static analysis by security researchers.
Flare-floss is a security utility and static binary string extractor designed to uncover hidden text and configuration data within compiled binaries. It functions as an obfuscated string decoder and reverse engineering tool to translate encoded strings into readable text for security auditing. The project employs emulated execution to capture the decrypted state of strings in memory by running small chunks of binary code in a virtual CPU. It further utilizes static analysis disassembly, intermediate representation analysis, and heuristic-based pattern matching to identify and decode strings t
Uses emulated execution in a virtual CPU to capture the decrypted state of strings in memory.
ConfuserEx is a security toolset for .NET applications that functions as a code obfuscator, binary encryptor, and application protector. Its primary purpose is to prevent reverse engineering by hiding sensitive application logic and data. The project employs specific hardening techniques including symbol renaming to hinder human readability and control-flow mutation to confuse decompilers. It further protects binaries by encrypting constants and resources to stop static analysis and memory dumping, while blocking the use of debuggers and profilers to prevent runtime analysis. Additional capa
Encrypts static string constants and embedded resources to prevent static analysis and memory dumping.