Displaying 1 to 9 from 9 results

simplify - Generic Android Deobfuscator

  •    Java

Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn't matter what the specific type of obfuscation is used. The code on the left is a decompilation of an obfuscated app, and the code on the right has been deobfuscated.

dex-oracle - A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

  •    Ruby

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android deobfuscator: Simplify. Make sure adb is on your path.

malware-jail - Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction

  •    Javascript

malware-jail is written for Node's 'vm' sandbox. Currently implements WScript (Windows Scripting Host) context env/wscript.js, at least the part frequently used by malware. Internet browser context is partialy implemented env/browser.js. Runs on any operating system. Developed and tested on Linux, Node.js v6.6.0.

JRemapper - A remapping tool for compiled java programs.

  •    Java

An easy to use GUI for remapping classes, methods, and fields of compiled java programs.For information on how to use JRemapper and other details about it, check out the wiki.

Tigress_protection - Playing with the Tigress binary protection

  •    LLVM

Tigress is a diversifying virtualizer/obfuscator for the C language that supports many novel defenses against both static and dynamic reverse engineering and de-virtualization attacks. In particular, Tigress protects against static de-virtualization by generating virtual instruction sets of arbitrary complexity and diversity, by producing interpreters with multiple types of instruction dispatch, and by inserting code for anti alias analysis. Tigress protects against dynamic de-virtualization by merging the real code with bogus functions, by inserting implicit flow, and by creating slowly-executing reenetrant interpreters. Tigress implements its own version of code packing through the use of runtime code generation. Finally, Tigress' dynamic transformation provides a generalized form of continous runtime code modification. If you want more information, you can checkout our solve-vm.py script.

jsnice - Command line interface to http://jsnice.org.

  •    Javascript

Command line interface to http://jsnice.org. The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

EazFixer - A deobfuscation tool for Eazfuscator.

  •    CSharp

A deobfuscation tool for Eazfuscator. EazFixer is a deobfuscation tool for Eazfuscator, a commercial .NET obfuscator. For a list of features, see the list below.

dnpatch - .NET Patcher library using dnlib

  •    CSharp

[WIP] .NET Patcher library using dnlib. The master branch provides you the current stable build of dnpatch. However, I will most likely not provide support for it anymore since version 1.0 is on it's way in the v1 branch.