所有收集类项目

Obfuscate

源码混淆和二进制混淆，包括多种语言和多个平台。250+工具和600+文章
English Version

C/C++
- advobfuscator -> (1)工具 (1)文章
- (5) 工具
dotNet
- de4dot -> (2)工具 (2)文章
- obfuscar -> (1)工具
- confuserex -> (3)工具 (6)文章
- (7) 工具
- (10) 文章
PowerShell
JavaScript
- javascript-obfuscator -> (7)工具
- baffle -> (1)工具
- jstillery -> (1)工具
- (16) 工具
- (64) 文章
LLVM
- obfuscator -> (7)工具
- armariris -> (1)工具 (1)文章
- tigress -> (1)工具
- (10) 工具
- (18) 文章
Shellcode -> (6)工具 (7)文章
Bash
- bashfuscator -> (1)工具 (1)文章
- (2) 工具
- (3) 文章
PHP
- php-obfuscator -> (1)工具
- yakpro-po -> (1)工具
- optimus -> (2)工具
- (11) 工具
- (9) 文章
Go
- gobfuscate -> (1)工具
- (1) 工具
Office
- macro_pack -> (1)工具 (4)文章
- maliciousmacrogenerator -> (1)工具
- (2) 工具
- (16) 文章
Python
- pyminifier -> (1)工具
- pyarmor -> (1)工具
- neopi -> (1)工具 (2)文章
- intensio-obfuscator -> (1)工具 (1)文章
- (15) 工具
- (10) 文章
Android
- simplify -> (1)工具
- (14) 工具
- (36) 文章
Apple
- stcobfuscator -> (1)工具
- (13) 工具
- (11) 文章
Java
- nullproguard -> (1)工具
- (12) 工具
- (11) 文章
CMD
- invoke-dosfuscation -> (1)工具 (2)文章
- (1) 文章
其他
- flare-floss -> (1)工具 (1)文章
- demovfuscator -> (1)工具
- hexraysdeob -> (2)工具
- callobfuscator -> (1)工具
恶意代码 -> (83)文章
新添加-混淆 -> (78)工具 (262)文章
新添加-反混淆 -> (33)工具 (43)文章

C/C++

advobfuscator

工具

[551星][13d] [C++] andrivet/advobfuscator Obfuscation library based on C++11/14 and metaprogramming

文章

2019.10 [vkremez] Let's Learn: Dissecting Lazarus Windows x86 Loader Involved in Crypto Trading App Distribution: "snowman" & ADVObfuscator

工具

[303星][4y] [C++] kgretzky/obfusion bfusion - C++ X86 Code Obfuscation Library
[182星][12d] [C++] fritzone/obfy A tiny C++ obfuscation framework
[130星][2y] [C++] urshadow/stringobfuscator Compile-time string obfuscation (C++14)
[126星][6m] [C++] adamyaxley/obfuscate Guaranteed compile-time string literal obfuscation header-only library for C++14
[39星][3y] [Assembly] macmade/obfuscate C/C++ machine code obfuscation.

dotNet

de4dot

工具

[4114星][12d] [C#] 0xd4d/de4dot .NET 反混淆和脱壳
[256星][18d] [C#] brianhama/de4dot .NET deobfuscator and unpacker.

文章

2018.01 [MalwareAnalysisForHedgehogs] Malware Analysis - When De4dot fails, Removing Anti Tamper from NullShield
2018.01 [MalwareAnalysisForHedgehogs] Malware Analysis - Deobfuscating .NET Assemblies with De4Dot

obfuscar

工具

[811星][12d] [C#] obfuscar/obfuscar Open source obfuscation tool for .NET assemblies

confuserex

工具

[312星][13d] [C#] xenocoderce/neo-confuserex Updated ConfuserEX, an open-source, free obfuscator for .NET applications
[207星][4m] [C#] bedthegod/confuserex-mod-by-bed Beds Protector | Best free obfuscation out right now
[196星][4y] [C#] codeshark-dev/nofuserex Free deobfuscator for ConfuserEx.

文章

2019.08 [markmotig] I am loving ConfuserEx/Neo-ConfuserEx for C# obfuscation
2019.08 [markmotig] Neo-ConfuserEX the successor of ConfuserEX for obfuscation
2019.08 [markmotig] Quick Introduction to ConfuserEX
2017.12 [360] Recam终极版：如何一步步脱掉ConfuserEx保护壳（下）
2017.12 [360] Recam终极版：如何一步步脱掉ConfuserEx保护壳（上）
2017.12 [talosintelligence] 脱自定义 ConfuserEx 壳, 分析其 Payload

工具

[131星][2y] [C#] xenocoderce/noisette-obfuscator An Obfuscator for .NET assembly
[73星][16d] [C#] holly-hacker/dnspy.extension.holly A dnSpy extension to aid reversing of obfuscated assemblies
[47星][5m] rustemsoft/skater-.net-obfuscator 一个用于.net代码保护的混淆工具
[37星][2y] [C#] codeofdark/panda-obfuscator PandaObfuscator an simple Obfuscator, free, OpenSource for .Net Applications
[24星][4y] [C#] tum-i22/vot4cs C#虚拟化混淆工具
[19星][4m] [C#] dentrax/z00bfuscator Z00bfuscator is the simple, open-source, cross-platform obfuscator for .NET Assemblies built on .NET Core
[None星]notprab/.net-deobfuscator Lists of .NET Deobfuscator and Unpacker (Open Source)

文章

2016.12 [securityblog] Open source .NET deobfuscator and unpacker
2013.11 [digitaloperatives] Programmatic String Deobfuscation in .NET Malware
2013.11 [digitaloperatives] Programmatic String Deobfuscation in .NET Malware
2013.10 [forcepoint] PHP.net compromised, serving up obfuscated content
2013.04 [pediy] [翻译].NET混淆器Dotfuscator的五大看点
2013.03 [pediy] [原创].Net 下的混淆器作用原理
2010.09 [pediy] [原创]DotNet混淆后程序的破解
2006.12 [pediy] 从reflector实现看.net的混淆与反混淆技术[原创]
2006.11 [pediy] [原创]数据结构在.net反流程混淆中的应用[看雪学院2006金秋读书季]
2004.10 [sans] Microsoft ASP.NET vulnerability, URL obfuscation, more MD5

PowerShell

invoke-obfuscation

工具

[1450星][1y] [PS] danielbohannon/invoke-obfuscation PowerShell Obfuscator

文章

2018.08 [cqureacademy] Going Undercover With Invoke-Obfuscation
2017.12 [danielbohannon] The Invoke-Obfuscation Usage Guide :: Part 2
2017.12 [danielbohannon] Invoke-Obfuscation 使用指南(Part 1)
2017.11 [pcsxcetrasupport3] De-obfuscating a PowerShell Script Obfuscated by Invoke-Obfuscation
2017.01 [trustedsec] TrustedSec Security Podcast Ep: 2.5 – Mirai, Rudy Cyber head, ransomware, Invoke-Obfuscation and more!
2016.10 [danielbohannon] Invoke-Obfuscation v1.1 (coming Sunday, Oct 9)
2016.09 [danielbohannon] Invoke-Obfuscation :: Public Release

工具

[505星][2y] [PS] danielbohannon/invoke-cradlecrafter PowerShell Remote Download Cradle Generator & Obfuscator
[451星][2y] [PS] danielbohannon/revoke-obfuscation PowerShell Obfuscation Detection Framework
[204星][5m] [PS] r3mrum/psdecode PowerShell script for deobfuscating encoded PowerShell scripts
[143星][4m] [Py] cbhue/pyfuscation Obfuscate powershell scripts by replacing Function names, Variables and Parameters.
[89星][3y] [PS] danielbohannon/out-fincodedcommand POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's stdin command invocation capabilities
[42星][11d] [Py] cwolff411/powerob An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.
[13星][6m] [PS] gh0x0st/invoke-psobfuscation A Red and Blue team introduction into PowerShell obfuscation
[3星][1y] [Py] 3nc0d/powershell-obfuscator Powerful script for logical obfuscation of powershell scripts
[1星][11m] [Py] secureyourself7/powershell_code_basic_obfuscation Simple PowerShell Script Code Obfuscator written in Python

文章

2019.11 [freebuf] 分析银行木马的恶意快捷方式及混淆的Powershell
2019.11 [4hou] Unit42发布powershell自动反混淆工具
2019.10 [HackersOnBoard] Black Hat USA 2017 Revoke Obfuscation PowerShell Obfuscation Detection And Evasion Using Science
2019.07 [PowerShellConferenceEU] Daniel Bohannon - PesterSec: Using Pester & ScriptAnalyzer to Detect Obfuscated PowerShell
2019.06 [beny] Weaponization: Howto Fully Undetectable Empire Powershell MS macro (VBA obfuscation & Stomping)
2019.04 [arxiv] [1904.10270] PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware
2019.03 [xednaps] WannaMine dropper – Powershell Obfuscation
2019.02 [4hou] Powershell混淆——使用安全字符串
2019.01 [sans] "Invoke Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To) D""e'Tec'T 'Th'+'em' "
2018.12 [4hou] 尝试根据字符频度检测Powershell混淆
2018.11 [yoroi] Dissecting the Mindscrew-Powershell Obfuscation
2018.11 [pediy] [翻译]Powershell 代码反混淆技术研究
2018.10 [aliyun] 反混淆powershell
2018.10 [endgame] Deobfuscating PowerShell: Putting the Toothpaste Back in the Tube
2018.08 [aliyun] 反混淆Emotet powershell payload
2018.08 [360] 解混淆Emotet powershell payload
2018.06 [PowerShellConferenceEU] Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science - Daniel Bohannon
2018.02 [dissectmalware] Obfuscated PowerShell Script 2 – Emotet
2017.12 [4hou] PSAmsi：四两拨千斤实现PowerShell代码混淆隐藏
2017.12 [4hou] 基于AST抽象语法树的PowerShell代码混淆技术
2017.11 [360] 基于抽象语法树的PowerShell混淆技术
2017.11 [cobbr] AbstractSyntaxTree-Based PowerShell Obfuscation
2017.09 [jaapbrasser] Decipher obfuscated URLs with PowerShell
2017.09 [softscheck] Deobfuscating VBA & PowerShell Scripts of an Emotet Trojan Downloader
2017.08 [360] 根据powershell语言的特性来混淆代码的方法与原理
2017.08 [n0where] PowerShell Obfuscation Detection Framework: Revoke-Obfuscation
2017.07 [fireeye] Revoke-Obfuscation: PowerShell Obfuscation Detection Using Science
2017.06 [] 无文件应用程序白名单绕过以及 Powershell 混淆
2017.06 [mikefrobbins] Simple Obfuscation with PowerShell using Base64 Encoding
2017.06 [freebuf] Powershell编码与混淆
2017.04 [cobbr] Trying to Detect PowerShell Obfuscation Through Character Frequency
2017.03 [danielbohannon] PowerShell执行参数混淆
2017.03 [cobbr] ObfuscatedEmpire - Use an obfuscated, in-memory PowerShell C2 channel to evade AV signatures

JavaScript

javascript-obfuscator

工具

[4393星][12d] [TS] javascript-obfuscator/javascript-obfuscator 一个强大的JavaScript和Node.js模糊器，包含为源代码提供保护的各种特性
[355星][9d] [TS] javascript-obfuscator/webpack-obfuscator javascript-obfuscator plugin for Webpack
[107星][4m] [JS] javascript-obfuscator/javascript-obfuscator-ui A web UI to the JavaScript Obfuscator node.js package.
[70星][1m] [JS] javascript-obfuscator/gulp-javascript-obfuscator Gulp plugin for javascript-obfuscator package.
[40星][12d] [JS] javascript-obfuscator/obfuscator-loader A webpack loader for obfuscating single modules using javascript-obfuscator
[33星][8m] [JS] tomasz-oponowicz/grunt-javascript-obfuscator Obfuscates JavaScript files using amazing javascript-obfuscator.
[16星][4m] [JS] javascript-obfuscator/grunt-contrib-obfuscator Grunt plugin for the javascript-obfuscator package.

baffle

工具

[1665星][3y] [JS] camwiegert/baffle 一个用于混淆和显示DOM元素中的文本的小型javascript库。

jstillery

工具

[530星][1y] [JS] mindedsecurity/jstillery Advanced JavaScript Deobfuscation via Partial Evaluation

工具

[314星][10m] [JS] hynekpetrak/malware-jail 半自动Javascript恶意软件分析的沙箱，去混淆和Payload提取
[269星][12d] [JS] lelinhtinh/de4js JavaScript Deobfuscator and Unpacker
[207星][30d] [JS] chichou/etacsufbo 基于 AST 变换的简易 Javascript 反混淆辅助工具
[85星][29d] [JS] rapid7/jsobfu Obfuscate JavaScript (beyond repair) with Ruby
[83星][4m] [JS] zswang/jfogs JavaScript Obfuscator
[79星][5m] [HTML] szimeus/evalyzer Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection
[73星][17d] [TS] geeksonsecurity/illuminatejs IlluminateJs is a static JavaScript deobfuscator
[40星][14d] [JS] anseki/gnirts Obfuscate string literals in JavaScript code.
[35星][7m] [PHP] propaganistas/email-obfuscator A text filter for automatic email obfuscation using the well-established Javascript and a CSS fallback:
[26星][1y] [JS] alexhorn/defendjs A free and open source JavaScript and Node.js obfuscator.
[26星][4m] [Py] aurore54f/jast Syntactic detection of malicious (obfuscated) JavaScript files
[23星][1y] [JS] veggiedefender/marveloptics_malware Deobfuscated + reverse engineered javascript malware
[10星][7y] [Py] lucianogiuseppe/js-auto-deobfuscator JSADO automatically deobfuscates javascript scripts which use eval or some other function
[2星][8m] [Haskell] prate658/hajas JavaScript deobfuscator
[2星][3m] [JS] filipemgs/poisonjs PoisonJS - De-obfuscate eval-based JavaScript obfuscation with monkey-patched eval(-like) functions.
[1星][2y] [JS] enzou/javascript2img_decoder Decoder for JavaScript code which was obfuscated by JavaScript2img

文章

2019.09 [antoinevastel] Benchmarking our JavaScript obfuscator
2019.09 [antoinevastel] Improving our homemade JavaScript obfuscator
2019.09 [antoinevastel] A simple homemade JavaScript obfuscator
2019.09 [bromium] Deobfuscating Ostap: TrickBot’s 34,000 Line JavaScript Downloader
2019.08 [SecurityWeekly] Deobfuscating JavaScript to Investigate Phishing Domains - PSW #617
2019.04 [freebuf] 如何使用JavaScript混淆来躲避AV
2019.04 [netsparker] Announcing the Deobfuscating JavaScript White Paper
2019.03 [360] 恶意代码使用JavaScript混淆规避反病毒程序
2019.03 [yoroi] Evading AV with JavaScript Obfuscation
2019.01 [fuzzysecurity] Angler EK JavaScript Deobfuscation: The Emperor Has No Clothes
2018.10 [sucuri] Obfuscated JavaScript Cryptominer
2018.04 [pediy] [翻译]通过Javascript中的CFI实现混淆阻止解密分析
2017.07 [freebuf] 从javascript脚本混淆说起
2017.06 [vkremez] "Amazon Order Cancelled": Weight Loss Spam Campaign via Obfuscated JavaScript
2017.05 [netskope] Obfuscated Javascript Malware using Cloud Services
2017.05 [intrinsec] Malware : désobfuscation d’un Javascript encodé
2017.04 [ColinHardy] Emotet JavaScript dropper deobfuscation and analysis
2017.03 [sans] Nicely Obfuscated JavaScript Sample
2017.02 [metabrik] Deobfuscate JavaScript from the command line made easy
2017.01 [CodeColoristX] 一例简易静态 Javascript 反混淆
2016.11 [netskope] Manually Deobfuscating Strings Obfuscated in Malicious JavaScript Code
2016.08 [sans] Spam with Obfuscated Javascript
2016.07 [doyler] JavaScript Deobfuscation (ABCTF2016 – JS Pls)
2016.06 [] Automatically deobfuscate eval packed javascript with node.js
2016.06 [mcafee] Locky Ransomware Hides Under Multiple Obfuscated Layers of JavaScript
2016.06 [mcafee] Locky Ransomware Hides Under Multiple Obfuscated Layers of JavaScript
2016.05 [jeffsoh] Excellent Manual Javascript Deobfuscation Walk through
2016.05 [theevilbit] JavaScript deobfuscation: criminal case against you.wsf
2016.03 [freebuf] 技术分享：几种常见的JavaScript混淆和反混淆工具分析实战
2016.02 [jeffsoh] JavaScript Deobfuscation Update
2016.02 [sans] Locky: JavaScript Deobfuscation
2016.02 [sans] More Malicious JavaScript Obfuscation
2016.01 [sans] JavaScript Deobfuscation Tool
2016.01 [360] Javascript Deobfuscator：JavaScript反混淆工具更新
2015.12 [] estools 辅助反混淆 Javascript
2015.09 [trustwave] Lessons in Spam JavaScript Obfuscation Layers
2015.08 [knownsec] 使用 estools 辅助反混淆 Javascript
2013.09 [pwndizzle] How not to Obfuscate your Javascript
2013.02 [jeffsoh] JavaScript Deobfuscation
2012.10 [defensecode] Diving into recent 0day Javascript obfuscations
2012.09 [techyzilla] Better Javascript Obfuscating Method To Protect Your Code
2012.07 [jeffsoh] JavaScript unescape obfuscated code
2012.06 [sans] Using JSDetox to Analyze and Deobfuscate Javascript
2012.04 [hiddenillusion] Deobfuscating JavaScript with Malzilla
2012.04 [sans] Blacole's obfuscated JavaScript
2012.03 [sans] Phishing with obfuscated javascript, shellcode and malware
2012.01 [sans] The tale of obfuscated JavaScript continues
2011.12 [sans] V8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011.07 [rapid7] Javascript Obfuscation in Metasploit
2011.03 [talosintelligence] Attack Obfuscation - Not Just For JavaScript
2010.12 [talosintelligence] Detecting Obfuscated Malicious JavaScript with Snort and Razorback
2010.09 [kkotowicz] Creating, obfuscating and analyzing malware JavaScript
2010.06 [trustedsec] Anti-Virus Evasion through JavaScript Obfuscation
2010.04 [forcepoint] Multi-layer Obfuscated JavaScript Using Twitter API
2010.04 [sans] JavaScript obfuscation in PDF: Sky is the limit
2009.05 [talosintelligence] Gumblar and More On Javascript Obfuscation
2009.04 [sans] Advanced JavaScript obfuscation (or why signature scanning is a failure)
2009.02 [talosintelligence] Detecting Silly Javascript Obfuscation Techniques
2008.07 [sans] Obfuscated JavaScript Redux
2008.04 [sans] Advanced obfuscated JavaScript analysis
2008.04 [sans] Mixed (VBScript and JavaScript) obfuscation
2007.10 [sans] Deobfuscating javascript
2007.08 [sans] Raising the bar: dynamic JavaScript obfuscation
2006.07 [sans] Browser does matter, not only for vulnerabilities - a story on JavaScript deobfuscation

LLVM

obfuscator

工具

[2113星][12d] obfuscator-llvm/obfuscator Obfuscator-LLVM
[1182星][4m] hikariobfuscator/hikari LLVM Obfuscator
[249星][12d] [Py] rpisec/llvm-deobfuscator Performs the inverse operation of the control flow flattening pass performed by LLVM-Obfuscator
[71星][12d] [C++] qtfreet00/llvm-obfuscator ollvm based on llvm 5.0 release
[39星][6m] [Shell] lawliet89/llvm-obfuscator LLVM Obfuscator
[32星][4m] [C++] exorxw/kylin-llvm-obfuscator based on llvm 5.0.1 release with ollvm
[28星][19d] [C++] tsarpaul/llvm-string-obfuscator LLVM String Obfuscator

armariris

工具

[691星][12m] [C++] gossip-sjtu/armariris 由上海交通大学密码与计算机安全实验室维护的LLVM混淆框架

文章

2019.06 [360] 使用unicorn engin还原Armariris字符串混淆

tigress

工具

[475星][7m] [LLVM] jonathansalwan/tigress_protection Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.

工具

[199星][4y] [Py] f8left/decllvm IDA plugin for OLLVM analysis
[178星][11d] [Py] amimo/ollvm-breaker 使用Binary Ninja去除ollvm流程平坦混淆
[158星][6y] [C] fuzion24/androidobfuscation-ndk Example of obfuscating an Android NDK project using O-LLVM
[101星][12d] amimo/goron Yet another llvm based obfuscator
[52星][4m] [Py] sfwishes/ollvm_de_fla deobfuscation ollvm's fla
[29星][15d] [C++] allocandinit/ollvm5.0.1 obfuscator 基于 llvm 5.0.1 版本
[16星][1m] [Py] get1t/deollvm64 deobfuscator llvm arm64 script
[14星][15d] [Shell] nickdiego/docker-ollvm Easily build and package Obfuscator-LLVM into Android NDK.
[10星][2m] [Py] get1t/deollvm deollvm arm64 based unicorn
[None星][Py] maiyao1988/deobf An arm32 ollvm like deofuscator,aim to remove obfuscation made by ollvm like compiler

文章

2019.11 [aliyun] 使用IDA microcode去除ollvm混淆(下)
2019.11 [zimperium] SATURN Software deobfuscation framework based on LLVM
2019.11 [aliyun] 使用IDA microcode去除ollvm混淆(上)
2019.09 [quarkslab] Obfuscating Java bytecode with LLVM and Epona
2019.08 [mediacccde] LO! An LLVM Obfuscator - deutsche Übersetzung
2019.08 [mediacccde] LO! An LLVM Obfuscator
2019.08 [BornHack] BornHack 2019 - Klondike - LO! An LLVM Obfuscator
2019.05 [SecurityFest] Calle Svensson - Software Obfuscation with LLVM - SecurityFest 2019
2019.01 [pediy] [原创]ollvm字符混淆修复
2018.10 [pediy] [原创] obfuscator-llvm-3.6.1 的 VS2017 win32 修正编译
2018.04 [pediy] [原创]ollvm快速学习
2018.02 [pediy] [翻译]LLVM代码混淆分析及逻辑还原
2017.07 [360] 为OLLVM添加字符串混淆功能
2017.05 [pediy] [原创]ollvm的混淆反混淆和定制修改
2017.03 [freebuf] 反混淆：恢复被OLLVM保护的程序
2016.07 [pediy] 基于LLVM IR的源代码混淆的实现
2015.05 [yurichev] 16-May-2015: Tweaking LLVM Obfuscator + quick look into some of LLVM internals.
2014.12 [quarkslab] Deobfuscation: recovering an OLLVM-protected program

Shellcode

工具

[506星][21d] [Py] zdresearch/owasp-zsc Shellcode/混淆代码生成器
[195星][2y] [Py] mr-un1k0d3r/unibyav a simple obfuscator that take raw shellcode and generate executable that are Anti-Virus friendly.
[148星][4y] [Py] kgretzky/python-x86-obfuscator This is a WIP tool that performs shellcode obfuscation in x86 instruction set.
[45星][20d] [Py] eteissonniere/elidecode The tool to decode obfuscated shellcodes using the unicorn and capstone engine
[44星][4m] [Py] offsecginger/pythonaesobfuscate Obfuscates a Python Script and the accompanying Shellcode.
[13星][4m] [C++] hoodoer/enneos Evolutionary Neural Network Encoder of Shenanigans. Obfuscating shellcode with an encoder that uses genetic algorithms to evolve neural networks to contain and output the shellcode on demand.

文章

2020.04 [morphisec] Lokibot with AutoIt Obfuscator + Frenchy Shellcode
2017.08 [zerosum0x0] 在线版混淆字符串/Shellcode 生成器
2017.02 [csyssec] X86 Shellcode代码混淆(一)
2016.06 [breakdev] X86 Shellcode Obfuscation - Part 3
2016.05 [breakdev] X86 Shellcode Obfuscation - Part 2
2016.05 [breakdev] X86 Shellcode Obfuscation - Part 1
2014.03 [zairon] Obfuscated shellcode inside a malicious RTF document

Bash

bashfuscator

工具

[495星][8m] [Py] bashfuscator/bashfuscator 一个完全可配置和可扩展的Bash混淆框架。

文章

2018.12 [0x00sec] Yes, Bash Can Get Uglier: Introducing Bashfuscator, A Bash Obfuscation Framework

工具

[80星][9m] [PHP] rizer0/blind-bash Obfuscate your Bash Code
[19星][2m] [JS] willshiao/node-bash-obfuscate A Node.js CLI tool and library to heavily obfuscate bash scripts.

文章

2018.11 [ironcastle] Obfuscated bash script targeting QNap boxes, (Mon, Nov 26th)
2018.11 [sans] Obfuscated bash script targeting QNap boxes
2014.10 [f5] Shellshock: Malicious Bash, Obfuscated perlb0t, Echo Probes, and More

PHP

php-obfuscator

工具

[417星][4m] [PHP] naneau/php-obfuscator A parsing PHP obfuscator

yakpro-po

工具

[551星][9d] [PHP] pk-fr/yakpro-po YAK Pro - Php Obfuscator

optimus

工具

[1001星][12d] [PHP] jenssegers/optimus 根据Knuth的整数散列将内部id转换为模糊整数。它类似于hashid，但将生成整数而不是随机字符串。它也非常快
[100星][4m] [PHP] cybercog/laravel-optimus Transform your internal id's to obfuscated integers based on Knuth's integer hash. Laravel wrapper for the Optimus Library by Jens Segers with multiple connections support.

工具

[96星][4m] [PHP] ph-7/obfuscator-class Simple and effective Obfuscator PHP class (this is not a stupid base64 encoding script, but a real and effective obfuscation script)
[72星][18d] [PHP] bediger4000/php-malware-analysis Deobfuscation and analysis of PHP malware captured by a WordPress honey pot
[70星][3y] [Py] antelox/fopo-php-deobfuscator A simple script to deobfuscate PHP file obfuscated with FOPO Obfuscator -
[49星][5m] [PHP] bediger4000/reverse-php-malware De-obfuscate and reverse engineer PHP malware
[25星][1m] [Py] zigzag2050/mzphp2-deobfuscator A de-obfuscate tool for code generated by mzphp2. 用于解混淆mzphp2加密的php文件的工具。
[22星][5m] coldev/coldevprolayer Protect your PHP code with obfuscation and encryption
[18星][3m] [PHP] darsyn/obfuscator Obfuscate PHP source files with basic XOR encryption in userland code at runtime.
[12星][1m] [PHP] ammarfaizi2/php-integral-obfuscator PHP Integral Obfuscator
[10星][4y] [PHP] k0u5uk3/obfuscated-php-webshell-detector obfuscated-php-webshell-detector - Detect PHP Webshell in obfusucation
[10星][12m] [PHP] th1k404/unishell A piece of php webshell which are using khmer unicode and yak obfuscator to be undetectable and silently.
[9星][1m] [PHP] simon816/phpdeobfuscator Advanced PHP deobfuscator

文章

2020.03 [aliyun] 开发简单的PHP混淆器与解混淆器
2019.08 [0x00sec] Reverse Obfuscated PHP Code
2019.05 [detectify] How-to Tutorial: PHP Webshell De-Obfuscation
2014.07 [coder] PHP script deobfuscation for dummies
2012.05 [freebuf] php的代码混淆工具-carbylamine
2012.01 [coder] PHP script deobfuscation for dummies
2010.11 [e] php code obfuscator
2010.04 [coder] PHP Obfuscator by dx
2009.06 [gamelinux] Obfuscating php code with base64

Go

gobfuscate

工具

[404星][11d] [Go] unixpickle/gobfuscate Obfuscate Go binaries and packages

工具

[201星][13d] [Go] mvdan/garble Obfuscate Go builds

Office

macro_pack

工具

[817星][15d] [Py] sevagas/macro_pack 自动生成并混淆MS 文档, 用于渗透测试、演示、社会工程评估等

文章

2019.09 [freebuf] Macro_Pack中的宏代码混淆方法分析
2019.08 [4hou] Macro_Pack中的宏代码混淆方法分析
2018.05 [freebuf] Macro_Pack：一款用于自动化混淆和生成Office文档等文件格式的工具
2017.12 [n0where] Automatize Obfuscation and Generation of MS Office Documents: macro_pack

maliciousmacrogenerator

工具

[524星][1y] [Visual Basic .NET] mr-un1k0d3r/maliciousmacrogenerator 生成混淆的宏，可进行AV /沙箱逃逸

工具

[355星][3y] [Py] pepitoh/vbad VBA Obfuscation Tools combined with an MS office document generator
[29星][8d] [Py] bonnetn/vba-obfuscator 2018 School project - PoC of malware code obfuscation in Word macros

文章

2020.02 [rootshell] [SANS ISC] Simple but Efficient VBScript Obfuscation
2020.01 [freebuf] Office控件钓鱼：混淆拼接篇
2019.09 [dylankatz] Deobfuscating And Analyzing A Vbs Dropper
2018.11 [ironcastle] ViperMonkey: VBA maldoc deobfuscation, (Mon, Nov 26th)
2018.08 [cofense] Recent Geodo Malware Campaigns Feature Heavily Obfuscated Macros
2018.08 [ColinHardy] Analysing Obfuscated VBA - Extracting indicators from a Trickbot downloader
2017.12 [sans] Microsoft Office VBA Macro Obfuscation via Metadata
2017.07 [sans] A VBScript with Obfuscated Base64 Data
2017.05 [malwaretracker] 恶意 Office 文档使用基于EPS 的混淆技术，躲避检测
2016.10 [cysinfo] Cyber Security with Amit Malik – Episode 2 – Macro Code De-obfuscation using Vbscript Debugger
2016.04 [mcafee] Macro Malware Employs Advanced Obfuscation to Avoid Detection
2016.04 [mcafee] Macro Malware Employs Advanced Obfuscation to Avoid Detection
2016.02 [malwarebytes] De-obfuscating malicious Vbscripts
2014.08 [securelist] Obfuscated malicious office documents adopted by cybercriminals around the world
2013.09 [pwndizzle] How not to Obfuscate your VBScript
2007.09 [sans] Deobfuscating VBScript

Python

pyminifier

工具

[912星][4m] [Py] liftoff/pyminifier Pyminifier is a Python code minifier, obfuscator, and compressor.

pyarmor

工具

[449星][4m] [Py] dashingsoft/pyarmor A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

neopi

工具

[348星][6y] [Py] neohapsis/neopi a Python script that uses a variety of statistical methods to detect obfuscated and encrypted content within text/script files

文章

2020.04 [oshpark] Neopixel Rotary Encoder
2017.05 [particle] Heads up – WS2812B NeoPixels are about to change!

intensio-obfuscator

工具

[302星][4m] [Py] hnfull/intensio-obfuscator Obfuscate a python code 2.x and 3.x

文章

2019.06 [freebuf] Intensio-Obfuscator：一款专业Python代码混淆处理工具

工具

[340星][12d] [Py] astrand/pyobfuscate Python源码混淆: 使得Python源代码对于人类来说难以阅读，而对于Python解释器来说仍然是可执行的
[123星][9d] [Py] felamos/weirdhta A python tool to create obfuscated HTA script.
[82星][2m] [Java] enovella/jebscripts A set of JEB Python/Java scripts for reverse engineering Android obfuscated code
[75星][7m] [Py] anvilventures/lookinsidethebox Breaks the encryption and obfuscation layers that Dropbox applies to their modified Python interpreter.
[74星][4m] [Py] pyobfx/pyobfx Python Obfuscator & Packer
[72星][22d] [Py] chris-rands/emojify Obfuscate your python script by converting it to emoji icons
[68星][1m] [Py] plantdaddy/fuzzap A python script for obfuscating wireless networks
[50星][1m] [Py] bwall/markovobfuscate Python library and tools to obfuscate data based on Markov models built off shared data
[48星][3m] [YARA] decalage2/balbuzard Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
[42星][23d] [Py] extremecoders-re/bytecode_simplifier A generic deobfuscator for PjOrion obfuscated python scripts
[39星][3y] [Py] extremecoders-re/pjorion-deobfuscator A deobfuscator for PjOrion, python cfg generator and more
[38星][1m] [Py] lasq88/deobfuscate Python script to automatically deobfuscate malware code
[31星][4m] [Py] alberties/ghostfuscator The Python Password-Protected Obfuscator
[9星][4m] [PHP] chrissy-morgan/php-webshell-deobfuscator A Tool written in Python to help de-obfuscate the $GLOBALS type malware.
[8星][7m] [Py] thngkaiyuan/mynaim Nymaim 家族样本反混淆插件

文章

2019.03 [thief] Python代码加密混淆
2018.02 [0x00sec] Plain Obfuscate Python script as malware
2016.07 [doyler] Deobfuscate Python (ABCTF2016 – Obfuscated 1)
2016.05 [freebuf] 用Python和Smali模拟器搞定一个加混淆、防篡改的APK逆向
2016.04 [evilsocket] How I Defeated an Obfuscated and Anti-Tamper APK With Some Python and a Home-Made Smali Emulator.
2016.04 [aassfxxx] Breaking Cerber strings obfuscation with Python and radare2
2016.04 [aassfxxx] Breaking Cerber strings obfuscation with Python and radare2
2014.05 [quarkslab] Building an obfuscated Python interpreter: we need more opcodes
2013.12 [HackersSecurity] DEFCON 18: Obfuscated Python
2012.06 [trustwave] 使用IDAPython对Flame的字符串进行反混淆

Android

simplify

工具

[3296星][11d] [Java] calebfenton/simplify Android虚拟机和deobfuscator

工具

[745星][5m] [YARA] rednaga/apkid Android应用程序标识符，用于包装器、保护器、混淆器和奇怪的东西
[370星][12d] [Ruby] calebfenton/dex-oracle A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
[314星][9m] [C] shadowsocks/simple-obfs-android 一个简单的Android混淆工具
[258星][2m] [Java] godlikewangjun/dexknife-wj apk加固插件带签名校验、dex加密、资源混淆
[230星][4y] [Ruby] strazzere/apkfuscator A generic DEX file obfuscator and munger
[196星][4m] [Py] claudiugeorgiu/obfuscapk A black-box obfuscation tool for Android apps
[165星][3y] ysrc/androidobfusedictionary Android ProGuard变态混淆字典
[119星][5m] [Java] stringcare/androidlibrary Android library to reveal or obfuscate strings and assets at runtime
[94星][6m] [Py] thuxnder/dalvik-obfuscator a set of tools/scripts to obfuscate and manipulate dex files
[90星][1m] [Py] necst/aamo Another Android Malware Obfuscator
[61星][5y] [Py] hamiltoniancycle/classnamedeobfuscator Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.
[25星][5y] [Py] burningcodes/dexconfuse 简易dex混淆器
[17星][12d] [Py] omirzaei/androdet AndrODet: An Adaptive Android Obfuscation Detector
[15星][12d] [Java] miwong/tiro TIRO - A hybrid iterative deobfuscation framework for Android applications

文章

2020.02 [freebuf] Obfuscapk：一款针对Android应用程序的黑盒混淆工具
2020.02 [hakin9] Obfuscapk - A black-box obfuscation tool for Android apps
2019.12 [hakin9] Quark Engine - An Obfuscation-Neglect Android Malware Scoring System
2019.10 [aliyun] apk混淆工具Obfuscapk原理探究
2019.05 [arxiv] [1905.09136] DaDiDroid: An Obfuscation Resilient Tool for Detecting Android Malware via Weighted Directed Call Graph Modelling
2019.03 [virusbulletin] VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation
2018.10 [securitygossip] Tackling Runtime-based Obfuscation in Android With TIRO
2018.10 [sjtu] Tackling Runtime-based Obfuscation in Android With TIRO
2018.04 [360] 对混淆的Android应用进行渗透测试
2018.03 [guardsquare] Decompiling obfuscated Android applications
2018.03 [pediy] [原创]御安全浅析安卓开发代码混淆技术
2018.02 [tinyhack] Pentesting obfuscated Android App
2018.02 [pnfsoftware] A new APK Resources Decoder with de-Obfuscation Capabilities
2018.01 [arxiv] [1801.01633] Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild
2017.10 [360] 如何使用dex-oracle对抗混淆后的Android恶意软件
2017.10 [rednaga] Hacking with dex-oracle for Android Malware Deobfuscation
2017.04 [360] Android代码混淆技术总结（一）
2017.03 [360] Android 字符串及字典混淆开源实现
2017.01 [360] Android程序反混淆利器——Simplify工具
2016.12 [securitygossip] Statistical Deobfuscation of Android Applications
2016.12 [sjtu] Statistical Deobfuscation of Android Applications
2016.11 [arxiv] [1611.10231] Android Code Protection via Obfuscation Techniques: Past, Present and Future Directions
2016.11 [deepsec] DeepSec 2016 Talk: Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking – Inseung Yang
2016.04 [n0where] Generic Android Deobfuscator: Simplify
2016.03 [pnfsoftware] Deobfuscating Android Triada malware
2016.01 [freebuf] Oracle：安卓反混淆工具
2015.03 [Roland] 用ProGuard混淆Android代码
2015.02 [arxiv] [1502.01625] A Self-Compiling Android Data Obfuscation Tool
2014.12 [androidcracking] Simplify - Android Deobfuscator / Decryptor
2014.07 [virusbulletin] Paper: Obfuscation in Android malware, and how to fight back
2013.08 [pediy] [原创]Android分析之路（二）——代码混淆分析研究1
2013.06 [pediy] apkprotect（免费android代码混淆、加密保护工具）版本v0.3.8 2013.10.22更新
2013.04 [xyz] android应用安全——代码安全（android代码混淆）
2012.12 [pediy] [原创]一个简单的判断APK文件是否混淆的方法
2011.07 [pediy] [原创]APK反破解之一：Android Java混淆(ProGuard)
2008.10 [ysl] 請為你的 Android 程式加上 obfuscation 吧！

Apple

stcobfuscator

工具

[663星][1y] [ObjC] chenxiancai/stcobfuscator iOS全局自动化代码混淆工具！支持cocoapod组件代码一并混淆，完美避开hardcode方法、静态库方法和系统库方法！

工具

[1500星][12d] [ObjC] polidea/ios-class-guard Simple Objective-C obfuscator for Mach-O executables.
[1205星][11d] [Swift] rockbruno/swiftshield 为你的iOS项目的类型和方法(包括第三方库和故事板)生成不可逆加密名称的工具，以保护你的应用程序免受iOS逆向工程工具，如类转储和Cycript。
[520星][4y] [ObjC] pjebs/obfuscator-ios Secure your app by obfuscating all the hard-coded security-sensitive strings.
[500星][2m] [Ruby] kaich/codeobscure 方便强大的OC工程代码自动混淆工具
[358星][2y] [C] codermjlee/mjcodeobfuscation 一个用于代码混淆和字符串加密的Mac小Demo
[334星][2y] [C++] polidea/siriusobfuscator a tool for performing source-to-source obfuscation of Swift projects
[265星][9m] [ObjC] preemptive/ppios-rename Symbol obfuscator for iOS apps
[216星][5m] [Py] lennonchin/code-confuse-plugin iOS代码混淆插件
[144星][22d] [Swift] danleechina/mixplaintext 可对 Xcode 项目工程所有的 objective-c 文件内包含的明文进行加密混淆，提高逆向分析难度。
[44星][15d] [Swift] pabloroca/obfuscateapi Mac OSX, Command line Swift 4 Utility for obfuscate / defuscate strings (API endpoints) in AES128 format.
[38星][6y] [C] x43x61x69/mach-o-prettifier A Mach-O Load Command deobfuscator.
[27星][2m] [C++] cuitche/code-obfuscation 一款iOS代码混淆工具(A code obfuscation tool for iOS.)
[3星][1m] [Java] maxpixelstudios/minecraftdecompiler A useful tool to decompile and deobfuscate Minecraft by CFR/FernFlower and Proguard/SRG/CSRG/TSRG mappings

文章

2019.10 [freebuf] Swiftshield：SwiftOBJ-C 代码混淆工具
2019.06 [h2hconference] Android Game of Obfuscation - Jurriaan Bremer and Rodrigo Chiossi - H2HC 2013
2019.06 [hitbsecconf] #HITB2019AMS D1T1 - Deobfuscate UEFI/BIOS Malware And Virtualized Packers - Alexandre Borges
2018.11 [ironcastle] More obfuscated shell scripts: Fake MacOS Flash update, (Tue, Nov 27th)
2018.11 [sans] More obfuscated shell scripts: Fake MacOS Flash update
2018.09 [pediy] [原创]尝试解下fairplayd(苹果|ios)的混淆(块调度)
2018.09 [4hou] 用于保护iOS应用程序的开源代码混淆工具Sirius发布（二）
2018.09 [4hou] 用于保护iOS应用程序的开源代码混淆工具Sirius发布（一）
2017.11 [pnfsoftware] Having Fun with Obfuscated Mach-O Files
2015.04 [securityintelligence] CVE-2015-1097: Deobfuscating iOS Kernel Pointers With an IBM X-Force-Discovered Vulnerability
2012.02 [reverse] Anti-disassembly & obfuscation #1: Apple doesn’t follow their own Mach-O specifications?

Java

nullproguard

工具

[273星][4m] [Java] w296488320/nullproguard 空白混淆源码

工具

[615星][13d] [Java] java-deobfuscator/deobfuscator Java 代码反混淆工具
[172星][4m] [Java] superblaubeere27/obfuscator A java obfuscator (GUI)
[165星][5m] [Java] itzsomebody/radon A crappy Java bytecode obfuscator (meaning: not for production use)
[142星][12d] [Java] graxcode/threadtear Multifunctional java deobfuscation tool suite
[92星][13d] [Java] yworks/yguard The open-source Java obfuscation tool working with Ant and Gradle by yWorks - the diagramming experts
[82星][19d] [Java] ysrc/obfusesmalitext smali文件，jar包字符串混淆，支持gradle插件
[65星][1m] [Java] calebwhiting/java-asm-obfuscator Obfuscates compiled java code to make it harder to reverse engineer.
[56星][4m] [Java] johnjohndoe/proguard Java class file shrinker, optimizer, obfuscator, and preverifier
[23星][19d] [Java] alpheratzteam/obfuscator Java Obfuscator
[18星][25d] [Java] damianszczepanik/silencio Silencio is a Java library for transforming and converting XML, JSON, YAML, Properties and other formats. It is applicable for most operations such as obfuscation, encryption, minimisation (minifying), anonymous. Library is fully customizable and extensible.
[14星][9m] [Java] graxcode/stringer-verification-bypass Patch java archives obfuscated and signed by stringer 3.x - 9.0 (
[9星][4m] [Java] mjvl/uniobfuscator Java obfuscator that hides code in comment tags and Unicode garbage by making use of Java's Unicode escapes.

文章

2020.04 [hakin9] Threadtear - Multifunctional java deobfuscation tool suite
2018.09 [arxiv] [1809.11037] A Systematic Study on Static Control Flow Obfuscation Techniques in Java
2017.09 [360] 基于ASM的Java字符串混淆工具实现
2016.07 [MalwareAnalysisForHedgehogs] Malware Analysis - Java Malware Deobfuscation
2015.02 [contextis] Automating Removal of Java Obfuscation
2013.07 [netspi] Java Obfuscation Tutorial with Zelix Klassmaster
2013.02 [security] Deobfuscating Java 7u11 Exploit from Cool Exploit Kit (CVE-2013-0431)
2013.01 [quequero] Malicious Java Applet Deobfuscation
2012.11 [security] Java Exploit Code Obfuscation and Antivirus Bypass/Evasion (CVE-2012-4681)
2008.09 [arxiv] [0809.3503] JDATATRANS for Array Obfuscation in Java Source Code to Defeat Reverse Engineering from Decompiled Codes
2008.07 [arxiv] [0807.4309] Array Based Java Source Code Obfuscation Using Classes with Restructured Arrays

CMD

invoke-dosfuscation

工具

[416星][2y] [PS] danielbohannon/invoke-dosfuscation Cmd.exe Command Obfuscation Generator & Detection Test Harness

文章

2018.10 [NorthSec] Daniel Bohannon - Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)
2018.07 [pcsxcetrasupport3] A look at a Word document macro using Invoke-DOSfuscation

文章

2018.03 [fireeye] DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques

其他

flare-floss

工具

[1497星][12d] [Py] fireeye/flare-floss 自动从恶意代码中提取反混淆后的字符串
- floss
- IDA插件

文章

2016.05 [freebuf] 火眼实验室恶意软件开源分析工具Flare-floss

demovfuscator

工具

[516星][12d] [C++] kirschju/demovfuscator 对抗控制流线性化的工具，反混淆器。

hexraysdeob

工具

[318星][9m] [C++] rolfrolles/hexraysdeob 利用Hex-Rays microcode API破解编译器级别的混淆
[40星][4m] [C++] carbonblack/hexraysdeob Hex-Rays microcode API plugin for breaking an obfuscating compiler

callobfuscator

工具

[272星][4m] [C++] d35ha/callobfuscator 使用不同的Windows API混淆指定的Windows API

恶意代码

文章

2020.05 [vmray] Move Fast and Don’t Break Things (Part 2): Automated Malware De-obfuscation by Accurate API Monitoring
2020.05 [talosintelligence] Threat Spotlight: Astaroth — Maze of obfuscation and evasion reveals dark stealer
2020.04 [rootshell] [SANS ISC] Malicious Excel With a Strong Obfuscation and Sandbox Evasion
2020.03 [welivesecurity] Stantinko’s new cryptominer features unique obfuscation techniques | WeLiveSecurity
2020.02 [infosecinstitute] What is Malware Obfuscation?
2019.11 [trendmicro] More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
2019.11 [umbrella] Obfuscation: The Abracadabra of Malware Authors
2019.10 [HackersOnBoard] Black Hat USA 2016 Next Generation of Exploit Kit Detection By Building Simulated Obfuscators
2019.07 [freebuf] 教你使用Cutter和Radare2对APT32恶意程序流程图进行反混淆处理
2019.07 [arxiv] [1907.01445] Extended Report on the Obfuscated Integration of Software Protections
2019.06 [trendmicro] CVE-2019-2725 Exploited and Certificate Files Used for Obfuscation to Deliver Monero Miner
2019.05 [360] 使用Cutter和Radare2对APT32恶意程序流程图进行反混淆处理
2019.04 [trendmicro] Phishing Attack Uses Browser Extension Tool SingleFile to Obfuscate Malicious Log-in Pages
2019.03 [sucuri] Uncommon Radixes Used in Malware Obfuscation
2019.02 [carbonblack] Defeating Compiler-Level Obfuscations Used in APT10 Malware
2019.02 [4hou] 见招拆招分析银行木马：揭开恶意LNK真面目+逐步拆解混淆后Dropper
2019.01 [4hou] 一种新型恶意软件混淆技术的逆向分析
2019.01 [sans] FLOSS Every Day - Automatically Extracting Obfuscated Strings from Malware
2018.10 [4hou] GandCrab勒索软件的最新版本中开始引入加密和混淆功能
2018.10 [mcafee] Rapidly Evolving Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation
2018.10 [mcafee] Rapidly Evolving Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation
2018.10 [mcafee] Rapidly Evolving Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation
2018.10 [NorthSec] Thaís aka barbie Moreira Hamasaki - Logic against sneak obfuscated malware
2018.10 [checkpoint] Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware - Check Point Research
2018.09 [tencent] MyKings僵尸网络最新变种突袭，攻击代码多次加密混淆，难以检测
2018.08 [4hou] 后门混淆和反检测技术
2018.08 [sans] Dealing with numeric obfuscation in malicious scripts
2018.07 [MalwareAnalysisForHedgehogs] Malware Analysis - DOSfuscation Deobfuscation
2018.07 [aliyun] 后门混淆和反检测技术
2018.07 [360] 后门混淆和逃避技术
2018.07 [imperva] The Trickster Hackers – Backdoor Obfuscation and Evasion Techniques
2018.07 [360] Malwarebytes 对使用混淆 Coinhive 短链接进行浏览器挖矿的调查分析
2018.07 [malwarebytes] Obfuscated Coinhive shortlink reveals larger mining operation
2018.06 [freebuf] 技术讨论 | NjRAT通过base64编码加密混淆Code免杀绕过360杀毒实验
2018.06 [serhack] Deobfuscating and Understanding a Trojan JScript
2018.04 [360] 深入分析恶意软件Formbook：混淆和进程注入（下）
2018.04 [360] 深入分析恶意软件Formbook：混淆和进程注入（上）
2018.01 [trendmicro] 以俄罗斯银行为目标的恶意 Android App FakeBank 使用新的混淆技巧
2017.08 [360] 分析一款代码经过混淆处理的勒索软件下载器
2017.08 [ringzerolabs] 分析多层混淆的 HTML 文档（Locky勒索软件的下载器）
2017.08 [MalwareAnalysisForHedgehogs] Malware Analysis - Deobfuscating Loyeetro Trojan-Spy
2017.08 [netskope] Adwind RAT employs new obfuscation techniques
2017.04 [ixiacom] Deobfuscating Malicious Actor Intentions for Your Web Server
2017.03 [itsjack] Deobfuscating API Call Strings In A ‘Banker’
2017.03 [adelmas] Analyzing and Deobfuscating FlokiBot Banking Trojan
2017.02 [vkremez] Trojan-Downloader:JS/Locky: Deobfuscate and Extract IOCs
2016.12 [rsa] How to deobfuscate malicious browser scripts using a script debugger
2016.11 [securityblog] Automatically extract obfuscated strings from malware
2016.10 [4hou] 恶意代码最新混淆技术分析
2016.10 [broadanalysis] EiTest campaign drops flash gate for obfuscated script sending GootKit banking malware
2016.09 [quarkslab] Arybo: cleaning obfuscation by playing with mixed boolean and arithmetic operations
2016.08 [8090] 代码战争：伪装和狙杀，从“壳”到“病毒混淆器
2016.08 [freebuf] 代码战争：伪装和狙杀，从“壳”到“病毒混淆器”
2016.08 [mcafee] Obfuscated Malware Discovered on Google Play
2016.08 [mcafee] Obfuscated Malware Discovered on Google Play
2016.07 [ixiacom] MALWARE DELIVERY SECRETS: RTF OBFUSCATION
2016.07 [malwarenailed] Locky Ransomware - Obfuscated Weaponry
2016.06 [fireeye] Automatically Extracting Obfuscated Strings from Malware using the FireEye Labs Obfuscated String Solver (FLOSS)
2016.06 [fortinet] Obfuscated Bitcoin Miner Propagates Through FTP Using Password Dictionary
2016.05 [jeffsoh] Heavy Obfuscation != Malicious
2016.04 [freebuf] 恶意软件混淆检测算法分析
2015.09 [freebuf] 一种在恶意软件中常见的字符串和Payload混淆技术
2015.09 [securityintelligence] An Example of Common String and Payload Obfuscation Techniques in Malware
2015.06 [malwarebytes] Complex Method of Obfuscation Found in Dropper RealShell
2015.02 [arxiv] [1502.03245] FEEBO: An Empirical Evaluation Framework for Malware Behavior Obfuscation
2014.05 [mcafee] Necurs, Zbot Droppers Use Obfuscated Windows XP Detection to Bypass Automated Analysis
2014.05 [mcafee] Necurs, Zbot Droppers Use Obfuscated Windows XP Detection to Bypass Automated Analysis
2014.03 [k7computing] Volume III: Who aM I? Confessions of an Obfuscated JS Worm
2014.03 [k7computing] Volume III: Who aM I? Confessions of an Obfuscated JS Worm
2014.03 [k7computing] Volume II: Who aM I? Confessions of an Obfuscated JS Worm
2014.03 [k7computing] Volume II: Who aM I? Confessions of an Obfuscated JS Worm
2014.03 [k7computing] Volume I: Who aM I? Confessions of an Obfuscated JS Worm
2014.03 [k7computing] Volume I: Who aM I? Confessions of an Obfuscated JS Worm
2013.05 [sans] Tools for Examining XOR Obfuscation for Malware Analysis
2013.03 [malwarebytes] Obfuscation: Malware’s best friend
2013.01 [checkpoint] Tales from the Crypter: Thwarting Malware Obfuscation with Threat Emulation | Check Point Software Blog
2012.12 [forcepoint] Sharing the Experience of Deobfuscating a Trojan
2012.06 [sans] Decoding Common XOR Obfuscation in Malicious Code
2011.08 [webroot] Trojans Employ Misdirection Instead of Obfuscation
2010.12 [yurichev] 7-Dec-2010: Making C compiler generate obfuscated code
2010.03 [securelist] New Brazilian banking Trojans recycle old URL obfuscation tricks
2008.04 [secshoggoth] Obfuscating Malware for Fun and Prizes
2006.12 [pediy] [翻译]注入动态生成及混淆的恶意代码的检测

新添加-混淆

工具

[215星][1y] [Java] neo23x0/fnord 一种用于混淆代码的模式提取器
[185星][3y] [PS] cobbr/obfuscatedempire Empire的Fork，集成了Invoke-Obfuscation
[165星][2m] [JS] zsoltszabo/node-uglifier 完全自动合并和混淆(丑化)整个NodeJs项目到一个文件与外部文件选项
[161星][17d] [Py] z0noxz/powerstager 创建可执行文件，用于下载PowerShell Payload，将其加载到内存，并使用混淆的EC方法运行
[152星][26d] [Go] znly/strobfus String obfuscation
[142星][2y] [Py] gumblex/ptproxy Turn any pluggable transport for Tor into an obfuscating TCP tunnel.
[132星][8m] [C#] nyan-x-cat/lime-crypter Simple obfuscation tool
[131星][9m] [C] changeofpace/overwatch-dump-fix x64dbg plugin which removes anti-dumping and obfuscation techniques from the popular FPS game Overwatch.
[131星][6m] [PHP] propaganistas/laravel-fakeid Automatic model ID obfuscation in routes for Laravel 5
[120星][4m] we5ter/flerken A Solution For Cross-Platform Obfuscated Commands Detection
[114星][4m] [Py] ekultek/graffiti A tool to generate obfuscated one liners to aid in penetration testing
[106星][16d] [C] vmonaco/kloak Keystroke-level online anonymization kernel: obfuscates typing behavior at the device level.
[101星][3y] [Py] mr-un1k0d3r/sct-obfuscator Cobalt Strike SCT payload obfuscator
[100星][2m] [C] elfmaster/dsym_obfuscate Obfuscates dynamic symbol table
[93星][4y] [C] osandamalith/ipobfuscator A simple tool to convert the IP to a DWORD IP
[90星][19d] [C++] koemeet/rtti-obfuscator Obfuscates all RTTI (Run-time type information) inside a binary
[88星][2y] [C] lloydlabs/windows-api-hashing 通过哈希混淆API
[76星][11d] [Java] radioegor146/native-obfuscator Java .class to .cpp converter for use with JNI
[73星][2y] [C++] nickcano/relocbonus An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
[71星][4y] [Py] kkar/vbs-obfuscator-in-python VBScript混淆允许pentester绕过对策
[71星][24d] [TS] javascript-obfuscator/react-native-obfuscating-transformer Obfuscation for React Native bundles
[66星][2m] [Py] nullhypothesis/scramblesuit The ScrambleSuit traffic obfuscation protocol.
[59星][3y] [Py] amoulu/tinysmaliemulator A very minimalist smali emulator that could be used to "decrypt" obfuscated strings
[58星][12d] [JS] coston/react-obfuscate An intelligent React component to obfuscate any contact link!
[57星][14d] [C++] haidragon/study_obscure 混淆反混淆
[55星][2y] [PS] mr-un1k0d3r/base64-obfuscator Simple PowerShell Base64 encoder to avoid detection of your malicious payload
[54星][1m] [Py] mushorg/oschameleon OS Fingerprint Obfuscation for modern Linux Kernels
[47星][23d] [C++] thebabush/dumb-obfuscator Tutorial on how to write the dumbest obfuscator I could think of.
[46星][4m] [C++] timelifeczy/sheller 一键加壳/脱壳，混淆，花指令，反调试等
[45星][4m] [Assembly] martinvelez/w32evol An obfuscation engine which obfuscates Intel x86 32-bit binary code.
[43星][2y] [Py] nikshepsvn/scatterfly An attempt to improve user privacy by intelligent data obfuscation.
[43星][12d] [C] tum-i22/obfuscation-benchmarks A set of programs used for benchmarking the strength of obfuscation
[42星][4y] [Py] cylance/markovobfuscate Use Markov Chains to obfuscate data as other data
[39星][1m] [Shell] dlshad/openvpn-shapeshifter This script will automatically guide you to install and configure your OpenVPN server with Shapeshifter Dispatcher (obfuscation) which will allow you to bypass the DPI blockage on OpenVPN. This setup will offer the users the freedom to choose between regular OpenVPN connection or obfuscated one, they actually can use both! OpenVPN is the VPN pro…
[37星][4m] [Shell] hromie/obfs4proxy-openvpn Obfuscating OpenVPN traffic using obfs4proxy
[36星][4m] [Visual Basic] doctorlai/vbscript_obfuscator The VBScript Obfuscator written in VBScript
[33星][1y] [C] mmyydd/relative-pattern Recover control flow graph from obfuscated codes
[33星][1m] [C++] hikariobfuscator/core Shared Obfuscation Core
[31星][1y] [C] segnolin/vobfus virtualization obfuscator inspired by juhajong/vm-obfuscator
[29星][5m] [Java] rabrg/refactored-client Refactoring the obfuscated v317 of the RuneScape (RuneTek 3) client.
[29星][6m] [Java] guardianproject/pluto Pluggable Library (for) Using Traffic Obfuscation: DEPRECATED - SEE LINK FOR NEW PROJECT
[28星][2y] [Py] mgeeky/visualbasicobfuscator Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
[27星][9m] [PS] danmcinerney/invoke-cats Obfuscated Invoke-Mimikatz
[27星][4m] [Go] getlantern/lampshade Obfuscated encrypted network protocol for Lantern
[26星][8m] [PHP] krowinski/tinyid Shorten and obfuscate IDs
[24星][12d] [C++] d35ha/xobf Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine
[21星][16d] [HTML] guillac/jsbatchobfuscator JSBatchobfuscator is a simple obfuscator for batch script
[19星][11d] [Jupyter Notebook] antoinevastel/simplejsobfuscator Example of a simple JS obfuscator
[19星][2m] maxfong/obfuscatorxcplugin 逻辑混淆XCode插件
[18星][7m] [Py] transferwise/pg_ninja The ninja elephant obfuscation and replica tool
[17星][10m] [Py] twisteroidambassador/udpack UDPack is an extensible generic UDP packet obfuscator.
[16星][11m] [Haxe] markknol/hxobfuscator Shortens names for smaller output and better gzip compression in Haxe/JavaScript builds
[16星][19d] [Py] c0cc/code_obfuscate python 字节码混淆工具
[14星][6m] [PHP] networkteam/networkteam.neos.mailobfuscator Email address obfuscation for Neos CMS
[14星][3m] [Go] potato-industries/gohide tunnel port to port traffic over an obfuscated channel with AES-GCM encryption.
[13星][5m] [PHP] pelock/autoit-obfuscator AutoIt Obfuscator lets you protect AutoIt script source code against analysis, reverse engineering and decompilation using advanced obfuscation techniques and polymorphic encryption.
[13星][1y] [Swift] mrigankgupta/mgobfuscator An easy encryptor / decryptor for iOS
[10星][6m] [C#] kendtimothy/obfuscation Obfuscation / Integer Masking library to encrypt numeric id to short string, generating a similar result to YouTube video id.
[9星][2y] [Py] d00rt/easy_way_nymaim IDA脚本, 用于去除恶意代码nymaim的混淆,创建干净的idb
[9星][2m] [C] olbat/binsh Shell script obfuscation tool (compile, encrypt and passphrase-protect)
[8星][4m] [C] mickdec/haremg0.b-cl Fully obfuscated trojan generator for windows.
[7星][3y] [F#] enkomio/mealyobfuscator String obfuscator based on the Mealy automata
[7星][1y] [PHP] mattiasgeniar/encoder Encoding, Decoding and Obfuscating strings.
[6星][5m] [Java] itemic/rotacsufbo did u know the name of the repo is obfuscator backwards?
[5星][2y] [C++] polidea/siriusobfuscator-symbolextractorandrenamer
[4星][2y] [Py] jamcut/obfuscate_launcher Simple script for obfuscating payload launchers
[4星][6m] [Py] pwnslinger/smc Self-modifying Code de-obfuscation
[3星][2y] [Swift] polidea/siriusobfuscator-verificationsuite
[3星][4m] [Java] tedstardev/mojang2tsrg A small tool that converts Mojang's ProGuard obfuscation map to TSRG format, for use by SpecialSource
[2星][2y] [ObjC] jacksujunjie/safedemo Objective-C代码混淆(网络安全)
[2星][1y] [Py] nlog2n/pyobfuscator Python code obfuscator
[2星][2y] [Ruby] polidea/siriusobfuscator-fileextractor
[1星][2y] [Jupyter Notebook] s-mohammad-hashemi/sst Stochastic Substitute Training: A Gray-box Approach to Craft Adversarial Examples Against Gradient Obfuscation Defenses
[1星][2y] [C] ryanlederman/huhu.c My attempt at C obfuscation (and a running joke on IRC) - yes, it works!
[0星][1y] [PS] irq8/obfpsh Preobfuscated Empire module source with Invoke-Obfuscation for easy cloning. /data/obfuscated_module_source
[0星][4y] [Py] zonksec/dakotacon-ctf-extension-crusher quick and dirty script to decode and extract obfuscated files.
[None星][C++] eaglx/vmprotect Obfuscation method using virtual machines.
[None星][C++] meme/hellscape GIMPLE obfuscator for C, C++, Go, ... all supported GCC targets and front-ends that use GIMPLE.

文章

2020.04 [blackhillsinfosec] Getting Started With ROT Obfuscation
2020.04 [rootshell] [SANS ISC] Obfuscated with a Simple 0x0A
2020.03 [virusbulletin] VB2019 paper: Defeating APT10 compiler-level obfuscations
2020.01 [aliyun] X86指令混淆之函数分析和代码块粉碎
2019.12 [t00ls] CMD命令混淆浅析
2019.12 [trendmicro] Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
2019.11 [p0w3rsh3ll] Hunting for obfuscation
2019.11 [freebuf] 猫鼠游戏: 持续渗透中的高级命令混淆对抗 | CIS 2019议题前瞻
2019.11 [binarydefense] Revenge is a Dish Best Served... Obfuscated? - Binary Defense
2019.10 [Cooper] Defeating APT10 Compiler-level Obfuscations - Takahiro Haruyama
2019.10 [shaurya] Obfuscated/Polyglot XSS Payloads Simplified with references.
2019.09 [quarkslab] Epona and the Obfuscation Paradox: Transparent for Users, a Pain for Reversers
2019.08 [proofpoint] Phishing Actor Using XOR Obfuscation Graduates to Enterprise Cloud Storage on AWS
2019.08 [trendmicro] Latest Trickbot Campaign Delivered via Highly Obfuscated JS File
2019.08 [infosecinstitute] MITRE ATT&CK vulnerability spotlight: Obfuscated files or information
2019.07 [aliyun] 关于对antSword(蚁剑)进行流量混淆处理的解决方案
2019.06 [freebuf] Graffiti：一款专为渗透测试人员设计的混淆代码One Liner
2019.06 [trustedsec] On the possibility of obfuscating code using neural networks
2019.05 [compass] Reversing obfuscated passwords
2019.05 [arxiv] [1905.09778] Privacy-Preserving Obfuscation of Critical Infrastructure Networks
2019.05 [aliyun] 混淆IDA F5的一个小技巧-x86
2019.05 [aliyun] 混淆IDA F5的一个小技巧-x64
2019.05 [talosintelligence] Qakbot levels up with new obfuscation techniques
2019.04 [urlteam] 爬虫解决网站混淆JS跳转
2019.04 [arxiv] [1904.09516] EOP: An Encryption-Obfuscation Solution for Protecting PCBs Against Tampering and Reverse Engineering
2019.04 [arxiv] [1904.09429] Chaotic Compilation for Encrypted Computing: Obfuscation but Not in Name
2019.04 [nviso] Circumventing SSL Pinning in obfuscated apps with OkHttp
2019.04 [NDSSSymposium] NDSS 2019 OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX
2019.03 [arxiv] [1904.00188] PILOT: Password and PIN Information Leakage from Obfuscated Typing Videos
2019.03 [freebuf] SharPyShell：用于C# Web应用程序的小型混淆版WebShell
2019.03 [sucuri] More on Dnsden[.]biz Swipers and Radix Obfuscation
2019.03 [arxiv] [1903.02601] Attack Graph Obfuscation
2019.03 [arxiv] [1903.00841] CodeTrolley: Hardware-Assisted Control Flow Obfuscation
2019.02 [aliyun] 使用机器学习检测混淆过的cmd命令
2019.02 [xplodwild] Reverse engineering of a mobile game, part 3: Now, it’s obfuscated
2019.02 [TechnicalMujeeb] Install and use Ip obfuscator tool in Termux | termux 2019
2019.02 [arxiv] [1902.06146] Compiled Obfuscation for Data Structures in Encrypted Computing
2019.02 [seowhistleblower] Cheat Engine Tutorial: How to Convert AA Scripts to Lua and Obfuscate Trainer Data! [Terraria]
2019.01 [klee] A Framework for Measuring Software Obfuscation Resilience Against Automated Attacks
2019.01 [klee] Control Flow Obfuscation using Neural Network to Fight Concolic Testing
2018.12 [freebuf] 新型诈骗花样多，使用多种混淆方法绕过安全检测
2018.12 [aliyun] 使用机器学习检测混淆的命令行
2018.11 [fireeye] Obfuscated Command Line Detection Using Machine Learning
2018.11 [arxiv] [1811.12365] (Un)Encrypted Computing and Indistinguishability Obfuscation
2018.11 [trustwave] 解析一个感恩节诈骗行动中使用的MS Office文件
2018.11 [ironcastle] Basic Obfuscation With Permissive Languages, (Fri, Nov 16th)
2018.11 [sans] Basic Obfuscation With Permissive Languages
2018.11 [pediy] [原创]Null混淆
2018.11 [malwarebytes] Browlock flies under the radar with complete obfuscation
2018.10 [arxiv] [1810.10031] Stochastic Substitute Training: A Gray-box Approach to Craft Adversarial Examples Against Gradient Obfuscation Defenses
2018.10 [pediy] [原创] 关于代码混淆以及垃圾代码的处理，第一篇(寄存器混淆)
2018.10 [pediy] [原创]代码混淆之我见（一）
2018.10 [arxiv] [1810.01571] Distributing and Obfuscating Firewalls via Oblivious Bloom Filter Evaluation
2018.09 [360] DDE混淆的3种新方法
2018.09 [aliyun] 三种新型的DDE混淆方法
2018.09 [arxiv] [1809.10743] SAIL: Machine Learning Guided Structural Analysis Attack on Hardware Obfuscation
2018.09 [infosecinstitute] Reverse Engineering Obfuscated Assemblies [Updated 2018]
2018.09 [reversinglabs] Three New DDE Obfuscation Methods
2018.09 [hexblog] Hex-Rays Microcode API vs. Obfuscating Compiler
2018.09 [arxiv] [1809.06207] Algorithmic Obfuscation over GF($2^m$)
2018.09 [arxiv] [1809.01562] Probabilistic Modeling and Inference for Obfuscated Cyber Attack Sequences
2018.08 [ironcastle] Identifying numeric obfuscation, (Sun, Aug 26th)
2018.08 [sans] Identifying numeric obfuscation
2018.08 [arxiv] [1808.07432] A Developer-Friendly Library for Smart Home IoT Privacy-Preserving Traffic Obfuscation
2018.08 [acolyer] Obfuscated gradients give a false sense of security: circumventing defenses to adversarial examples
2018.08 [sans] Numeric obfuscation: another example
2018.08 [dist67] Dealing With Numeric Obfuscation
2018.07 [arxiv] [1807.09464] Specification-Based Protocol Obfuscation
2018.07 [arxiv] [1807.08456] On the Anonymization of Differentially Private Location Obfuscation
2018.07 [arxiv] [1807.01860] Privacy-preserving Machine Learning through Data Obfuscation
2018.06 [arxiv] [1806.10313] DeepObfuscation: Securing the Structure of Convolutional Neural Networks via Knowledge Distillation
2018.06 [HackerSploit] AV/IDS Evasion With Msfvenom - Payload Encoding Through Obfuscation
2018.06 [arxiv] [1806.02011] DMOS-PUF: Dynamic Multi-key-selection Obfuscation for Strong PUFs against Machine Learning Attacks
2018.06 [arxiv] [1806.02432] Obfuscation Resilient Search through Executable Classification
2018.06 [arxiv] [1806.01393] REORDER: Securing Dynamic-Priority Real-Time Systems Using Schedule Obfuscation
2018.05 [arxiv] [1805.08866] Author Obfuscation Using Generalised Differential Privacy
2018.05 [graxcoding] Taking a closer look at Zelix KlassMaster’s Flow Obfuscation
2018.05 [arxiv] [1805.02684] Improving Network Intrusion Detection Classifiers by Non-payload-Based Exploit-Independent Obfuscations: An Adversarial Approach
2018.04 [arxiv] [1804.11275] LUT-Lock: A Novel LUT-based Logic Obfuscation for FPGA-Bitstream and ASIC-Hardware Protection
2018.04 [arxiv] [1805.00054] Benchmarking the Capabilities and Limitations of SAT Solvers in Defeating Obfuscation Schemes
2018.04 [arxiv] [1804.04779] A Hybrid Model for Identity Obfuscation by Face Replacement
2018.04 [sucuri] Obfuscation Through Legitimate Appearances
2018.03 [arxiv] [1803.10133] You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information
2018.03 [360] Cobalt Strike：使用混淆技术绕过Windows Defender
2018.03 [offensiveops] Empire, Kaspersky & Obfuscation oh my!
2018.03 [aliyun] Cobalt Strike——利用混淆处理绕过Windows Defender
2018.03 [offensiveops] 使用混淆绕过Windows Defender
2018.03 [aliyun] 深入探索数据库攻击技术 Part 1：SQL混淆
2018.03 [arxiv] [1803.03332] Deep RNN-Oriented Paradigm Shift through BOCANet: Broken Obfuscated Circuit Attack
2018.03 [pediy] [原创]使用Unicorn Engine绕过混淆完成算法的调用
2018.03 [pediy] [翻译]手把手静态分析FinSpy VM：第一部分，x86去混淆
2018.02 [360] 一类混淆变形的Webshell分析
2018.02 [imperva] A Deep Dive into Database Attacks [Part I]: SQL Obfuscation
2018.02 [arxiv] [1802.04259] Sphinx: A Secure Architecture Based on Binary Code Diversification and Execution Obfuscation
2018.02 [freebuf] 任意用户密码重置（三）：用户混淆
2018.02 [arxiv] [1802.02789] Exploiting Spin-Orbit Torque Devices as Reconfigurable Logic for Circuit Obfuscation
2018.02 [arxiv] [1802.00420] Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
2018.01 [pediy] [原创]汇编指令级混淆器的实现
2018.01 [f5] What is HTML Field Obfuscation?
2018.01 [arxiv] [1801.02742] A Large Scale Investigation of Obfuscation Use in Google Play
2017.12 [dist67] Dealing with obfuscated rtf files
2017.12 [sans] Dealing with obfuscated RTF files
2017.12 [360] 深入分析PE可执行文件是如何进行加壳和数据混淆的
2017.12 [arxiv] [1712.04130] Topology of Privacy: Lattice Structures and Information Bubbles for Inference and Obfuscation
2017.12 [antoinevastel] What is obfuscation?
2017.11 [arxiv] [1711.09001] Natural and Effective Obfuscation by Head Inpainting
2017.11 [cobbr] PSAmsi - Minimizing Obfuscation to Maximize Stealth
2017.11 [arxiv] [1711.05284] Obfuscating the Interconnects: Low-Cost and Resilient Full-Chip Layout Camouflaging
2017.11 [360] MSWord：如何混淆域代码绕过基于Yara规则的DDEAUTO检测
2017.11 [darkoperator] 测试 Windows Defender Exploit Guard 使用 Attack Surface Reduction（ASR）规则检测/阻止特定行为的能力. 检测和阻止混淆后的脚本执行。结果显示 ASR 规则并不给力，使用 Invoke-Obfuscation 混淆的脚本成功执行
2017.11 [pediy] [翻译]MSWord-用字段代码混淆
2017.11 [sans] Simple Analysis of an Obfuscated JAR File
2017.10 [pluginvulnerabilities] Base64 Obfuscation Used in WordPress Plugin’s Code That Emails Details of Website to Developer
2017.10 [staaldraad] MSWord - Obfuscation with Field Codes
2017.10 [arxiv] [1710.01139] On Secure and Usable Program Obfuscation: A Survey
2017.09 [arxiv] [1710.00197] Matching Anonymized and Obfuscated Time Series to Users' Profiles
2017.09 [arxiv] [1709.10412] CAOS: Concurrent-Access Obfuscated Store
2017.09 [pluginvulnerabilities] WordPress Plugin Directory Allowing Plugins to Obfuscate Addresses of Websites That the Plugin Connect To
2017.09 [antonioparata] 使用 Mealy 元数据混淆字符串
2017.08 [f5] URL Obfuscation—Still a Phisher's Phriend
2017.08 [arxiv] [1708.07150] Threshold-based Obfuscated Keys with Quantifiable Security against Invasive Readout
2017.08 [secist] 代码混淆之道——控制流扁平与不透明谓词理论篇
2017.08 [forcepoint] Part one - security, performance, obfuscation, and compression
2017.08 [arxiv] [1708.02629] Protecting Genomic Privacy by a Sequence-Similarity Based Obfuscation Method
2017.07 [pat] Misconceptions in Client-Side Security: Reverse Engineering Obfuscation & Disguised Endpoints
2017.07 [freebuf] FireEye发布调查报告，混淆技术成为了2017年攻击者最喜欢用的技术之一
2017.06 [fireeye] Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques
2017.06 [pentestpartners] Obfuscating consumer IoT hardware. Is it worth it?
2017.06 [arxiv] [1706.08003] OS Fingerprinting: New Techniques and a Study of Information Gain and Obfuscation
2017.06 [sans] Obfuscating without XOR
2017.06 [cobbr] ObfuscatedEmpire - Updates and Pull Request!
2017.06 [arxiv] [1706.06232] Modeling Attack Resilient Reconfigurable Latent Obfuscation Technique for PUF based Lightweight Authentication
2017.06 [arxiv] [1706.05432] Obfuscation in Bitcoin: Techniques and Politics
2017.06 [quarkslab] PhD defense of Ninon Eyrolles: Obfuscation with Mixed Boolean-Arithmetic Expressions: Reconstruction, Analysis and Simplification Tools
2017.06 [arxiv] [1706.02693] A Mean-Field Stackelberg Game Approach for Obfuscation Adoption in Empirical Risk Minimization
2017.06 [4hou] 看我如何使用数据格式混淆来绕过WAF进行攻击?
2017.05 [d0znpp] Bypassing NGFW/WAFs using data format obfuscations
2017.05 [paloaltonetworks] Practice Makes Perfect: Nemucod Evolves Delivery and Obfuscation Techniques to Harvest Cr
2017.05 [securestate] Obfuscating Launchers to Limit Detection
2017.05 [securestate] Obfuscating Launchers to Limit Detection
2017.04 [sans] Another Day, Another Obfuscation Technique
2017.04 [NDSSSymposium] NDSS 2017: HOP: Hardware makes Obfuscation Practical
2017.04 [NDSSSymposium] NDSS 2017: Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential...
2017.04 [sans] Analysis of a Maldoc with Multiple Layers of Obfuscation
2017.04 [arxiv] [1704.02307] Assessment of Source Code Obfuscation Techniques
2017.03 [arxiv] [1703.07427] Intrinsically Reliable and Lightweight Physical Obfuscated Keys
2017.03 [nviso] Analyzing obfuscated scripts using nothing but a text editor
2017.03 [sans] Another example of maldoc string obfuscation, with extra bonus: UAC bypass
2017.03 [arxiv] [1703.00475] Design Automation for Obfuscated Circuits with Multiple Viable Functions
2017.02 [endgame] Lessons from the Trenches: Obfuscation and Pattern Recognition
2017.02 [secist] 三个混淆过狗一句话分析
2017.01 [tetrane] Unfolding obfuscated code with Reven (part 2)
2016.12 [arxiv] [1612.05675] Targeting Infeasibility Questions on Obfuscated Codes
2016.12 [360] 如何分析经过混淆的SWF
2016.12 [arxiv] [1612.03345] Obfuscation using Encryption
2016.11 [tetrane] Unfolding obfuscated code with Reven (part 1, full write-up)
2016.11 [vkremez] IDA Pro Tutorial: Unpacking Obfuscated Binary Using IDA Pro Debugger
2016.10 [tetrane] Unfolding obfuscated code (part 1)
2016.10 [arxiv] [1610.06694] ODIN: Obfuscation-based privacy preserving consensus algorithm for Decentralized Information fusion in smart device Networks
2016.10 [jm33] Using Obfs4proxy to obfuscate your non-TOR proxy / 为Shadowsocks路由器增加Obfs4混淆
2016.10 [rsaconference] Obfuscation: A User's Guide for Privacy and Protest
2016.10 [endgame] Defeating the Latest Advances in Script Obfuscation
2016.09 [arxiv] [1609.07612] Obfuscating Keystroke Time Intervals to Avoid Identification and Impersonation
2016.09 [mrpapercut] Non-Alphanumeric JS obfuscator
2016.09 [arxiv] [1609.00408] Defeating Image Obfuscation with Deep Learning
2016.08 [cryptologie] Whibox part 1: Indistinguishability Obfuscation
2016.08 [arxiv] [1608.02546] A Stackelberg Game Perspective on the Conflict Between Machine Learning and Data Obfuscation
2016.08 [trustwave] To Obfuscate, or not to Obfuscate
2016.08 [contextis] Obfuscation, Encryption & Unicorns… Reversing the string encryption in the Pangu 9.3 jailbreak
2016.07 [0x00sec] Packers - Executable Compression and Data Obfuscation
2016.07 [breakdev] Obfusion - C++ X86 Code Obfuscation Library
2016.07 [pcsxcetrasupport3] De-obfuscating Cerber Malspam file
2016.07 [p] NDH2K16 - lol so obfuscated
2016.06 [securitygossip] ViewDroid: Towards Obfuscation-Resilient Mobile Application Repackaging Detection
2016.06 [sjtu] ViewDroid: Towards Obfuscation-Resilient Mobile Application Repackaging Detection
2016.06 [arxiv] [1606.06771] A Stackelberg Game Perspective on the Conflict Between Machine Learning and Data Obfuscation
2016.05 [mcafee] Seeing Through Darkleech Obfuscation: a Quick Hack to Iframes
2016.05 [mcafee] Seeing Through Darkleech Obfuscation: a Quick Hack to Iframes
2016.05 [jpcert] Decoding Obfuscated Strings in Adwind
2016.05 [arxiv] [1605.04044] Network Traffic Obfuscation and Automated Internet Censorship
2016.05 [osandamalith] IP Obfuscator
2016.04 [360] 漫谈混淆技术----从Citadel混淆壳说起
2016.04 [freebuf] 漫谈混淆技术：从Citadel混淆壳说起
2016.04 [n0where] Obfuscated String Solver: Floss
2016.04 [advancedpersistentjest] Writeup – Obfuscation (sCTF)
2016.04 [jm33] 使用Obfsproxy (Scramblesuit) 混淆sh4d0ws0cks流量
2016.04 [layerone] DeObf 2016: I Wanna Be (De)Obfuscated!
2016.03 [fortinet] Unseen Dangers—Obfuscation Tools & Cybercrime
2016.03 [arxiv] [1603.06597] Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing
2016.02 [buffered] TLV Traffic Obfuscation
2016.02 [arxiv] [1602.01771] On Quantum Obfuscation
2016.01 [arxiv] [1601.06371] Your Interests According to Google - A Profile-Centered Analysis for Obfuscation of Online Tracking Profiles
2016.01 [sans] Obfuscated MIME Files
2016.01 [DarrenKitchen] Mail Obfuscation and Pickup Procrastination
2016.01 [arxiv] [1601.00763] Translingual Obfuscation
2016.01 [freebuf] FLARE脚本系列：自动解码混淆字符串
2015.12 [360] FLARE脚本系列：自动解码混淆字符串
2015.12 [pediy] [原创]记一次混淆算法逆向分析
2015.11 [securitygossip] LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
2015.11 [sjtu] LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
2015.11 [benthamsgaze] Program obfuscation
2015.11 [trustwave] BOM Obfuscation in Spam
2015.09 [malwarebytes] Obfuscated URLs, where is that link taking you?
2015.09 [cert] A funny little obfuscation technique
2015.08 [pediy] [原创]过腾讯的资源混淆,附工具
2015.06 [arxiv] [1506.03032] N-Version Obfuscation: Impeding Software Tampering Replication with Program Diversity
2015.06 [talosintelligence] Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense
2015.03 [layerone] The (De)Obfuscated: De-obfuscation contest returns!
2015.03 [sans] An Example of Evolving Obfuscation
2015.02 [websec] Presentation on Optimization and Obfuscation Techniques for SQL Injections
2015.01 [arxiv] [1501.02885] Benchmarking Obfuscators of Functionality
2014.11 [trendmicro] Obfuscated Flash Files Make Their Mark in Exploit Kits
2014.09 [lastline] Rogue Online Pharmacies Use Fake Security Seals and Content Obfuscation to Deceive Humans and Programs
2014.09 [pediy] [原创]多态混淆器 [开源]
2014.06 [mrg] How deep is the rabbit hole? A tale about exploit kits and layers of obfuscation
2014.05 [Proteas] 反-反汇编 & 混淆 #1：苹果没有遵循自己制定的Mach-O规范？
2014.05 [arxiv] [1405.5410] A Codon Frequency Obfuscation Heuristic for Raw Genomic Data Privacy
2014.05 [trustwave] Exploit Kit Roundup: Best of Obfuscation Techniques
2014.04 [brendangregg] Compilers: Let Me Obfuscate That For You
2014.03 [trendmicro] Careto and OS X Obfuscation
2014.02 [cryptographyengineering] Cryptographic obfuscation and ‘unhackable’ software
2014.02 [arxiv] [1402.3426] Privacy Games: Optimal User-Centric Data Obfuscation
2014.01 [arxiv] [1401.0348] The impossibility of obfuscation with auxiliary input or a universal simulator
2013.11 [palshack] Hardcore SQL Injections, optimizations and obfuscation
2013.10 [arxiv] [1311.0044] Thread-Based Obfuscation through Control-Flow Mangling
2013.09 [doar] Breaking Kryptonite's Obfuscation: A Static Analysis Approach Relying on Symbolic Execution
2013.08 [welivesecurity] Nymaim - obfuscation chronicles
2013.08 [doar] Regular Expressions Obfuscation Under the Microscope
2013.07 [pediy] [原创]实时混淆生成的crackme
2013.05 [malwarebytes] Nowhere to Hide: Three methods of XOR obfuscation
2013.01 [mcafee] IPS Countermeasures Fight Obfuscation, Evasion
2013.01 [talosintelligence] The 0-day That Wasn't: Dissecting A Highly Obfuscated PDF Attack
2012.12 [arxiv] [1212.6458] Partial-indistinguishability obfuscation using braids
2012.11 [compass] ASFWS – Obfuscator, ou comment durcir un code source ou un binaire contre le reverse-engineering
2012.09 [sysforensics] Obfuscated iframe leads to Blackhole Exploit Kit 2.0
2012.09 [toolswatch] NOVA the Network Obfuscation and Virtualized Anti-Reconnaissance v12.6 available
2012.05 [arxiv] [1205.4813] Securing SQLJ Source Codes from Business Logic Disclosure by Data Hiding Obfuscation
2012.02 [reverse] Obfuscation #2: Playing entrypoint hide & seek game with dyld
2011.02 [securityinnovation] How Much Security Does Obfuscation Get You?
2010.11 [androidcracking] string obfuscation
2010.08 [forcepoint] Phoenix Exploit Kit's Random Access Obfuscation
2010.08 [websec] Attacking Linksys WRT160N router using the "URL Obfuscation in Frames" bug
2010.08 [sans] Obfuscated SQL Injection attacks
2010.04 [arxiv] [1004.4940] FauxCrypt - A Method of Text Obfuscation
2010.04 [forcepoint] De-obfuscating the obfuscated binaries with visualization
2009.08 [rapid7] Binary Obfuscation from the Top Down
2009.08 [msreverseengineering] Unpacking Virtualization Obfuscators
2009.02 [sans] We want your logs, obfuscated even.
2009.02 [gamelinux] Status Bar Obfuscation / Clickjacking in Firefox
2008.12 [addxorrol] Sometimes, diffing can remove obfuscation (albeit rarely)
2008.10 [imperialviolet] Obfuscated TCP
2008.08 [kobyk] Unexporting a function from a DLL at runtime by name obfuscation
2008.05 [arxiv] [0805.4648] On White-box Cryptography and Obfuscation
2008.03 [imperialviolet] OTCP - Obfuscated TCP
2007.05 [sans] Analyzing an obfuscated ANI exploit
2007.03 [pediy] [分享]ACProtect之补区段法(OEP Obfuscation, API redirection)
2007.02 [em386] Obfuscated ELF Objects
2007.01 [trendmicro] Just another obfuscated script… and browser exploits galore!
2007.01 [slightlyrandombrokenthoughts] Obfuscating by overloading method and field names
2006.09 [trendmicro] Obfuscation: Creating something new but not really…
2006.05 [sans] Phishers use urlencoding to obfuscate hostnames
2006.01 [pediy] 我对混淆代码的粗浅认识

新添加-反混淆

工具

[233星][15d] [Py] rub-syssec/syntia Syntia:综合模糊代码的语义
[212星][13d] [Py] eth-sri/debin Machine Learning to Deobfuscate Binaries
[204星][3m] [Jupyter Notebook] malrev/abd Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
[154星][12d] [Py] cq674350529/deflat use angr to deobfuscation
[103星][2y] [C#] holly-hacker/eazfixer A deobfuscation tool for Eazfuscator.
[62星][2y] [Java] java-deobfuscator/deobfuscator-gui deobfuscator的GUI
[44星][1m] [Py] dissectmalware/batch_deobfuscator Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
[40星][3y] [C++] x64dbg/interobfu Intermediate x86 instruction representation for use in obfuscation/deobfuscation.
[37星][21d] [JS] michenriksen/hackpad A web application hacker's toolbox. Base64 encoding/decoding, URL encoding/decoding, MD5/SHA1/SHA256/HMAC hashing, code deobfuscation, formatting, highlighting and much more.
[35星][19d] [Java] graxcode/zelixkiller Deobfuscate ZKM up to version 11
[31星][4y] [Pascal] pigrecos/codedeobfuscator Code Deobfuscator
[21星][1m] [Py] cylance/winapi-deobfuscation Towards Generic Deobfuscation of Windows API Calls
[20星][2m] [C++] jacob-baines/jit_obfuscation_poc Using GNU lightning to generate xor deobfuscation at runtime
[20星][9m] [Py] jnraber/virtualdeobfuscator Reverse engineering tool for virtualization wrappers
[16星][8m] [C] gdbinit/unicorn_string_deobfuscator A Unicorn based emulator to deobfuscate Equation Group string XOR obfuscation
[16星][25d] [Kotlin] heartpattern/mc-remapper Deobfuscator for Minecraft by mapping json
[16星][25d] [Kotlin] heartpattern/mc-remapper Deobfuscator for Minecraft by mapping json
[15星][24d] [Java] lxgaming/reconstruct ProGuard Deobfuscator
[11星][2m] calware/deobfuscation Binary Deobfuscation Series
[10星][4m] [Java] soxs/osrsupdater A simple (and outdated) Old-School RuneScape decompiler/deobfuscator. Performs field and method analysis which uses ASM and bytecode patterns for identification. Identified fields could be used for creating bot clients or QoL clients. For educational use only.
[9星][3m] [C] valdikss/sophos-deobfuscation-tool Sophos Deobfuscation Tool. Deobfuscates passwords obfuscated with Sophos Obfuscation Tool.
[6星][14d] [C++] teapotd/xdeobf A deobfuscation plugin for IDA
[4星][12m] [Rust] xermicus/r2deob deobfuscation PoC with r2 + ESIL
[4星][3m] [Py] randomrhythm/web_log_deobfuscate Deobfuscate various encodings that can be found in web logs.
[4星][6m] [JS] skyrising/mc-deobfuscator Automatic deobfuscator for Minecraft
[4星][8m] [JS] bobbystacksmash/cmd-deobfuscator A Node.js module for deobfuscating and expanding DOS/BATCH commands.
[3星][1y] [Java] aperrad/gwtclientlogdeobfuscator GWT Client Stacktrace Deobfuscator
[2星][2y] [Groovy] nao20010128nao/kliket A php code deobfuscator (re)written in Groovy
[1星][3y] [Java] jasjisdo/enigma A deobfuscator tool for JavaSE bytecode
[1星][4m] [Py] 0h2o/py2_deobf_tool Python2.7 pyc deobfuscator
[0星][2y] [JS] notathrowaway/deobfuscated-payloads_tiempo-en-colombia-en-vivo Deobfuscated payload scripts of the extension "Tiempo en colombia en vivo". Sorry for the long name.
[0星][5m] [Py] uintdev/cssed Cloudflare ScrapeShield Email Deobfuscator
[None星][Py] dissectmalware/xlmmacrodeobfuscator Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

文章

2020.02 [quarkslab] PhD Defense of Jonathan Salwan: Use of Symbolic Execution for Binary Deobfuscation
2019.07 [freebuf] 反混淆神器！CyberChef助你秒解混淆脚本
2019.04 [msreverseengineering] An Abstract Interpretation-Based Deobfuscation Plugin for Ghidra
2019.02 [arxiv] [1902.05357] Estimating the Circuit Deobfuscating Runtime based on Graph Deep Learning
2019.01 [pediy] [原创]c/c++反混淆方法
2019.01 [Swarlemagne] F'ing around with Binary Ninja, Episode 6: Automating Deobfuscation!
2019.01 [Swarlemagne] F'ing around with Binary Ninja, Episode 5: Automated Deobfuscation!
2019.01 [aliyun] Automatic string formatting deobfuscation
2019.01 [Swarlemagne] F'ing Around with Binary Ninja, Episode 4: Emulator, and Deobfuscation!
2019.01 [klee] Effectiveness of Synthesis in Concolic Deobfuscation
2018.11 [malwarebytes] TrickBot主模块使用新的混淆技术
2018.07 [sans] Windows Batch File Deobfuscation
2018.07 [360] 符号反混淆：从虚拟代码中恢复源码(DIMVA 2018)
2018.07 [quarkslab] Symbolic Deobfuscation: From Virtualized Code Back to the Original (DIMVA 2018)
2018.05 [pediy] [原创]JEB2反混淆神器
2018.05 [hexblog] Deobfuscating xor’ed strings
2018.03 [hasherezade] Deobfuscating TrickBot's strings with libPeConv
2018.03 [pediy] [翻译]手把手静态分析FinSpy VM：第三部分第一阶段，反混淆FINSPY VM字节码程序
2018.02 [msreverseengineering] FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #1: Deobfuscating FinSpy VM Bytecode Programs
2018.02 [dustri] Paper notes: Towards generic deobfuscation of Windows API calls
2018.02 [venus] JStillery：Advanced JS Deobfuscation via Partial Evaluation
2018.01 [msreverseengineering] 恶意软件 Finspy VM 脱壳教程 - X86 反混淆
2017.10 [Cooper] Hack.lu 2017 SMT Solvers in the IT Security - deobfuscating binary code with logic by Thaís Hamasaki
2017.10 [0x00sec] Deobfuscating js code
2017.07 [] Deobfuscating PjOrion using bytecode simplifier
2017.03 [pediy] [翻译]AutoIt脚本反混淆
2017.03 [dist67] Maldoc Deobfuscation: Plugin sub-str
2017.03 [dist67] Maldoc Deobfuscation: Character Removal
2016.07 [hackerlists] 13 Awesome Deobfuscation Tools For Reverse Engineers
2016.05 [] PjOrion Deobfuscator Open Sourced
2016.04 [sjtu] Deobfuscation Reverse Engineering Obfuscated Code
2016.03 [360] MIME类型文件反混淆工具
2015.10 [mindedsecurity] Advanced JS Deobfuscation Via AST and Partial Evaluation (Google Talk WrapUp)
2015.10 [ixiacom] Angler Exploit Kit Deobfuscation and Analysis
2015.06 [msreverseengineering] Transparent Deobfuscation with IDA Processor Module Extensions
2015.05 [securitygossip] Deobfuscation of Virtualization-Obfuscated Software: A Semantics-Based Approach
2015.05 [sjtu] Deobfuscation of Virtualization-Obfuscated Software: A Semantics-Based Approach
2014.12 [ZeroNights] Dmitry Schelkunov, Vasily Bukasov - «Deobfuscation and beyond»
2014.06 [nvisium] Deobfuscate Client Side Cookies
2013.04 [malforsec] Blackhole Exploit Kit - deobfuscating the CVE-2010-0188 PDF
2012.11 [quequero] Deobfuscating generic BlackHole 2 with JsADO
2011.07 [msreverseengineering] Control Flow Deobfuscation via Abstract Interpretation
2011.02 [sogeti] Training at CanSecWest 2011: Advanced binary deobfuscation

贡献

内容为系统自动导出, 有任何问题请提issue

alphaSeclab/obfuscation-stuff

alphaSeclab

Reviews

Repository Details

所有收集类项目

Obfuscate

目录

C/C++

advobfuscator

工具

文章

工具

dotNet

de4dot

工具

文章

obfuscar

工具

confuserex

工具

文章

工具

文章

PowerShell

invoke-obfuscation

工具

文章

工具

文章

JavaScript

javascript-obfuscator

工具

baffle

工具

jstillery

工具

工具

文章

LLVM

obfuscator

工具

armariris

工具

文章

tigress

工具

工具

文章

Shellcode

工具

文章

Bash

bashfuscator

工具

文章

工具

文章

PHP

php-obfuscator

工具

yakpro-po

工具

optimus

工具

工具

文章

Go

gobfuscate

工具

工具

Office

macro_pack

工具

文章

maliciousmacrogenerator

工具

工具

文章

Python

pyminifier