Pcy190 Deobfuscator Save

break ollvm.

Project README

deobfuscator

Introduction

Flexible deobfuscator.

Feature

	x86	x86_64	arm	arm64
deflat	TODO	TODO	PARTLY	:heavy_check_mark:

two engine mode for deflat
flexible patch pattern
easy to port

Usage:

requirements:

python3.7 +
dependencies:

pip3 install qiling angr termcolor capstone keystone

modify the start address and filename in main.py, and

python3 main.py

Specify the strategy 0 or 1 in emulator.search_path, in order to handle different flatten cases.

TODO:

support x86, x86_64
support Bogus Control Flow deobfuscation
add blocks analysis manually
IDAPro plugin, in order to mark the blocks visually by interacting with the deobfuscator (to handle different ida python version)

Open Source Agenda is not affiliated with "Pcy190 Deobfuscator" Project. README Source: pcy190/deobfuscator

Stars

Open Issues

Last Commit

3 years ago

Repository

pcy190/deobfuscator

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/pcy190-deobfuscator"><img src="https://www.opensourceagenda.com/projects/pcy190-deobfuscator/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022