Software Protector

•    DotNet

---

Software Protector is an open source 100% managed .NET licensing system based on SKGL Project. Generate keys for your software, and validate them using SKGL lib

license license-key licensing security serial-key software-protection

PiracyChecker - An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more

•    Java

---

An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. This library applies some techniques to help protect your app's users and attempt to thwart reverse engineers and attackers. BUT, this isn't guaranteed to stop your app from getting pirated. There is no such thing as 100% security, and a determined and skilled attacker with enough time, could remove these checks from the code. The real objective here is to raise the bar out of reach of opportunist and automatic attackers.

apk signature android-library attacker lvl apk-signature-protection verify gradle

SKGL - Serial Key Generating Library

•    DotNet

---

This project helps you to create a well-working, easy-to-use software licensing system. 20 letters short serial key, feature locking, machine locking...

license license-key licensing security serial-key software-protector

javascript-obfuscator - A powerful obfuscator for JavaScript and Node.js

•    TypeScript

---

JavaScript obfuscator is a powerful free obfuscator for JavaScript with a wide number of features which provides protection for your source code. It is not recommended to obfuscate vendor scripts and polyfills, since the obfuscated code is 15-80% slower (depends on options) and the files are significantly larger.

javascript-obfuscator obfuscation uglify protection obfuscate js-obfuscator obfuscator mangle cryptography string encoding literal security browser flow flattening control-flow typescript nodejs crush code-protection

Cryptosolic - The Cryptography & Software Licensing Framework for .Net

•    

---

Cryptosolic is an Open Source Cryptography & Software Licensing Framework for .Net. More Information and Downloads available soon.

cryptography encryption hashing license-enforcement licensing protection security

protector - Comfortable (seriously) white-list security restrictions for models on a field level

•    Ruby

---

Protector is a Ruby ORM extension for managing security restrictions on a field level. The gem favors white-listing over black-listing (everything is disallowed by default), convention over configuration and is duck-type compatible with most of existing code. DSL of Protector is a Ruby block (or several) describing ACL separated into contexts (authorized user is a very typical example of a context). Each time the context of model changes, DSL blocks reevaluate internally to get an actual ACL that is then utilized internally to cut restricted actions.

SOLEid

•    VB

---

SOLEid is a multi-purpose file protector that helps users to easily protect their files with different protection measures. The ones that are included till date are: password protection, hardware id lock, username and process protection.

Obfuscar, The Open Source Obfuscator for .NET Applications

•    DotNet

---

Obfuscar is an open source .NET obfuscator released under MIT license. It provides basic obfuscation features that help secure secrets in a .NET assembly.

assemblies cecil obfuscation obfuscator protection

janusec - Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing

•    Go

---

Janusec Application Gateway, an application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing. With Janusec, you can build secure and scalable applications. Detailed documentation is available at Janusec Application Gateway Documentation.

waf web-application-firewall application-gateway load-balance gateway application-security security web-application-security reverse-proxy sql-injection xss cc-attack-defense sensitive-data-leakage janusec-application-gateway

obfusion - Obfusion - C++ X86 Code Obfuscation Library

•    C++

---

This library handles obfuscation of assembled X86 machine code in order to make it harder to read and analyze during the reverse engineering process. Should work very well with obfuscating shellcode that is later embedded with executable files. If shellcode is known to security products, the obfuscation process should make it bypass any signature detection scans.

ansible-os-hardening - This Ansible role provides numerous security-related configurations, providing all-round base protection

•    Ruby

---

This role provides numerous security-related configurations, providing all-round base protection. It is intended to be compliant with the DevSec Linux Baseline. If you're using inspec to test your machines after applying this role, please make sure to add the connecting user to the os_ignore_users-variable. Otherwise inspec will fail. For more information, see issue #124.

ansible sysctl protection hardening role playbook

chef-os-hardening - This chef cookbook provides numerous security-related configurations, providing all-round base protection

•    Ruby

---

This cookbook provides numerous security-related configurations, providing all-round base protection. In the current implementation different components are located in the different recipes. See the available recipes or default.rb for possible component names.

hardening devops security chef chef-cookbook

SpookFlare - Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures

•    Python

---

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has obfuscation, encoding, run-time code compilation and character substitution features. So you can bypass the countermeasures of the target systems like a boss until they "learn" the technique and behavior of SpookFlare payloads. Special thanks to the following projects and contributors.

av-bypass loader dropper av-evasion endpoint-bypass antivirus-evasion antivirus-testing obfuscation bypass

Microsoft Web Protection Library

•    DotNet

---

The Microsoft Web Protection Library offers AntiXSS, an encoding library, to protect your current applications from cross-site scripting attacks and the Security Runtime Engine to help protect your legacy applications.

xss security antixss broken iis

Revoke-Obfuscation - PowerShell Obfuscation Detection Framework

•    PowerShell

---

Revoke-Obfuscation is a PowerShell v3.0+ compatible PowerShell obfuscation detection framework. In the Fall of 2016 and Spring of 2017, Daniel Bohannon (@danielhbohannon) released Invoke-Obfuscation and Invoke-CradleCrafter, two open-source PowerShell obfuscation frameworks. The goal of this research and these frameworks was to highlight the limitations of a purely signature-based approach to detecting attackers' usage of PowerShell. The core message to defenders has been to focus on detecting Indicators of Obfuscation in addition to known suspicious syntax.

Suhosin - Protection System for PHP Installations

•    PHP

---

Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. It comes in two independent parts, that can be used separately or in combination.

security php-secure vulnerabilities protection

Invoke-DOSfuscation - Cmd.exe Command Obfuscation Generator & Detection Test Harness

•    PowerShell

---

Over the past several years as an Incident Response consultant I have witnessed a myriad of obfuscation and evasion techniques employed by several threat actors. Some of these techniques are incredibly complex while others are tastefully simple, but both categories are employed to evade detection. In my experience, I have found APT32 and FIN7 to pull out the most alluring obfuscation techniques and their creativity is noteworthy. In June 2017 after a slew of incremental command line obfuscation techniques, FIN7 used an environment variable string substitution capability native to cmd.exe that at the time I did not know even existed. Spurred by this discovery I co-authored a blog post with Nick Carr (@ItsReallyNick) called Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques where we highighted numerous groups' obfuscation techniques we identified in the wild.

SharpObfuscator

•    CSharp

---

It is a Software Protection tool, designed to help .NET developers efficiently protect their software. It will obfuscate and protect your .NET code, optimize your .NET assembly for better deployment, minimize distribution size, increase performance & add powerful post-deplo...

obfuscator obfuscation utility clr code il

Cyfuscator

•    DotNet

---

This project show how create your own obfuscator for application .net, as a protection source code

metadata mono-cecil obfuscation

Cryptlib - provides Encryption and Authentication Service

•    C

---

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

cryptography encryption s-mime digital-signature security security-library