Hikari - LLVM Obfuscator

  •        317

English Documentation Hikari(Light in Japanese, name stolen from the Nintendo Switch game Xenoblade Chronicles 2) is my hackathon-ishtoy project for the 2017 Christmas to kill time.It's already stable enough to use in production environment. However, as initially planned, Hikari has been ported to LLVM 6.0 release version and no longer being actively maintained due to the time and effort it takes. You can find the history of its development at developer branch. Further enhancements include more features like Code-Intergrity Checking and a full anti-hook implementation. These are not open-source and will probably be released as a commercial product. If you know me close enough we can discuss the license model and pricing issue because I might not be able to provide real-time bug fix and stuff. Any undiscovered potential bugs affecting the obfuscated binary are fixed during obfuscation so you get a workable binary.

https://keybase.io/team/hikari
https://github.com/HikariObfuscator/Hikari

Tags
Implementation
License
Platform

   




Related Projects

javascript-obfuscator - A powerful obfuscator for JavaScript and Node.js

  •    TypeScript

JavaScript obfuscator is a powerful free obfuscator for JavaScript with a wide number of features which provides protection for your source code. It is not recommended to obfuscate vendor scripts and polyfills, since the obfuscated code is 15-80% slower (depends on options) and the files are significantly larger.

mcsema - Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode

  •    C++

McSema is an executable lifter. It translates ("lifts") executable binaries from native machine code to LLVM bitcode. LLVM bitcode is an intermediate representation form of a program that was originally created for the retargetable LLVM compiler, but which is also very useful for performing program analysis methods that would not be possible to perform on an executable binary directly. McSema enables analysts to find and retroactively harden binary programs against security bugs, independently validate vendor source code, and generate application tests with high code coverage. McSema isn’t just for static analysis. The lifted LLVM bitcode can also be fuzzed with libFuzzer, an LLVM-based instrumented fuzzer that would otherwise require the target source code. The lifted bitcode can even be compiled back into a runnable program! This is a procedure known as static binary rewriting, binary translation, or binary recompilation.

kaleidoscope - Haskell LLVM JIT Compiler Tutorial

  •    Haskell

A short guide to building a tiny programming language in Haskell with LLVM. You will need GHC 7.8 or newer as well as LLVM 4.0. For information on installing LLVM 4.0 (not 3.9 or earlier) on your platform of choice, take a look at the instructions posted by the llvm-hs maintainers.

php-obfuscator - A parsing PHP obfuscator

  •    PHP

This is an "obfuscator" for PSR/OOp PHP code. Different from other obfuscators, which often use a (reversible) eval() based obfuscation, this tool actually parses PHP, and obfuscates variable names, methods, etc. This means is can not be reversed by tools such as UnPHP. This library was written out of the need to obfuscate the source for a private library which for various reasons could not be shared without steps to protect the source from prying eyes. It is not technically feasible to "encrypt" PHP source code, while retaining the option to run it on a standard PHP runtime. Tools such as Zend Guard use run-time plugins, but even these offer no real security.

echojs - an ahead of time compiler and runtime for ES6

  •    Javascript

The environment variable LLVM_SUFFIX can be set and its value will be appended to the names of all llvm executables (e.g. llvm-config-3.6 instead of llvm-config.) The default is -3.6. Change this if you have a different build of llvm you want to use. Homebrew installs llvm 3.6 executables without the suffix, thus export LLVM_SUFFIX=. As for MIN_OSX_VERSION: homebrew's formula for llvm (3.4, at least. haven't verified with 3.6) doesn't specify a -mmacosx-version-min= flag, so it builds to whatever you have on your machine. Node.js's gyp support in node-gyp, however, does put a -mmacosx-version-min=10.5 flag. A mismatch here causes the node-llvm binding to allocate llvm types using incorrect size calculations, and causes all manner of memory corruption. If you're either running 10.5 or 10.9, you can leave the variable unset. Otherwise, set it to the version of OSX you're running. Hopefully some discussion with the homebrew folks will get this fixed upstream.


emscripten - Emscripten: An LLVM-to-JavaScript Compiler

  •    C

Emscripten is an LLVM-to-JavaScript compiler. It takes LLVM bitcode - which can be generated from C/C++, using llvm-gcc (DragonEgg) or clang, or any other language that can be converted into LLVM - and compiles that into JavaScript, which can be run on the web (or anywhere else JavaScript can run). Emscripten is available under 2 licenses, the MIT license and the University of Illinois/NCSA Open Source License.

Babel Obfuscator NAnt Tasks

  •    

This is an NAnt task for Babel Obfuscator. Babel Obfuscator protect software components realized with Microsoft .NET Framework in order to make reverse engineering difficult. Babel Obfuscator can be downloaded at http://www.babelfor.net

gocaml - :camel: Practical statically typed functional programming language implementation with Go and LLVM

  •    Go

GoCaml is subset of OCaml in Go based on MinCaml using LLVM. GoCaml adds many features to original MinCaml. MinCaml is a minimal subset of OCaml for educational purpose. It is statically-typed and compiled into a binary. This project aims incremental compiler development for my own programming language. Type inference, closure transform, mid-level IR are implemented.

Obfuscar, The Open Source Obfuscator for .NET Applications

  •    DotNet

Obfuscar is an open source .NET obfuscator released under MIT license. It provides basic obfuscation features that help secure secrets in a .NET assembly.

numba - NumPy aware dynamic Python compiler using LLVM

  •    Python

Numba is an Open Source NumPy-aware optimizing compiler for Python sponsored by Anaconda, Inc. It uses the remarkable LLVM compiler infrastructure to compile Python syntax to machine code. It is aware of NumPy arrays as typed memory regions and so can speed-up code using NumPy arrays. Other, less well-typed code will be translated to Python C-API calls effectively removing the "interpreter" but not removing the dynamic indirection.

llvmlite - A lightweight LLVM python binding for writing JIT compilers

  •    Python

The old llvmpy binding exposes a lot of LLVM APIs but the mapping of C++-style memory management to Python is error prone. Numba and many JIT compilers do not need a full LLVM API. Only the IR builder, optimizer, and JIT compiler APIs are necessary. The llvmlite.llvmpy namespace provides a minimal llvmpy compatibility layer.

llgo - LLVM-based compiler for Go

  •    Go

LLVM-based compiler for Go

llilc - This repo contains LLILC, an LLVM based compiler for

  •    C++

LLILC is an LLVM based MSIL Compiler - we pronounce it 'lilac' - with a goal of producing a set of cross-platform .NET code generation tools. Today LLILC is being developed against dotnet/CoreCLR for use as a JIT, as well as an cross platform platform object emitter and disassembler that is used by CoreRT as well as other dotnet utilites.See the documentation for more information. It has a more complete discussion of our background and goals as well as "getting started" details and developer information.

ldc - The LLVM-based D compiler.

  •    C

The LLVM-based D compiler.

llrb - LLVM-based JIT Compiler for Ruby

  •    C

LLRB is a LLVM-based JIT compiler for Ruby. I'm currently working on another JIT approach: YARV-MJIT.

zapcc - zapcc is a caching C++ compiler based on clang, designed to perform faster compilations

  •    C++

zapcc is a caching C++ compiler based on clang, designed to perform faster compilations. zapcc uses in-memory compilation cache in client-server architecture, remembering all compilation information between runs. zapcc is the client while zapccs is the server. Each zapcc run will reuse an existing server or if none was available will start a new one. This open source release is licensed under the LLVM Release License (University of Illinois/NCSA).

llvm - Mirror of official llvm git repository located at http://llvm.org/git/llvm. Updated hourly.

  •    C++

Mirror of official llvm git repository located at http://llvm.org/git/llvm. Updated hourly.

llvm-clang-samples - Examples of using the LLVM and Clang compilation libraries and tools

  •    C++

A collection of samples for using LLVM and Clang as libraries. LLVM & Clang evolve rapidly and the C++ API is not stable. This means that code that links against LLVM & Clang as libraries in version X may very well not compile or work in version X+1.

SPIRV-LLVM - LLVM framework with SPIR-V support

  •    C++

The khronos/spirv-3.6.1 branch of this repository contains source code for the LLVM/SPIR-V Bi-Directional Translator, a library for translating between LLVM and SPIR-V. The LLVM/SPIR-V Bi-Directional Translator is open source software. You may freely distribute it under the terms of the license agreement found in LICENSE.txt.

WAVM - WebAssembly Virtual Machine

  •    WebAssembly

This is a standalone VM for WebAssembly. It can load both the standard binary format, and the text format defined by the WebAssembly reference interpreter. For the text format, it can load both the standard stack machine syntax and the old-fashioned AST syntax used by the reference interpreter, and all of the testing commands. To build it, you'll need CMake and LLVM 6.0. If CMake can't find your LLVM directory, you can manually give it the location in the LLVM_DIR CMake configuration variable. Note that on Windows, you must compile LLVM from source, and manually point the LLVM_DIR configuration variable at <LLVM build directory>\lib\cmake\llvm.