{"id":13766095,"url":"https://github.com/jnastarot/furikuri","last_synced_at":"2025-05-10T21:33:03.040Z","repository":{"id":61214776,"uuid":"132176243","full_name":"jnastarot/furikuri","owner":"jnastarot","description":"too busy for that all, furikuri is framework for code protection","archived":true,"fork":false,"pushed_at":"2019-11-02T19:50:44.000Z","size":903,"stargazers_count":157,"open_issues_count":1,"forks_count":41,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-11-17T02:33:23.497Z","etag":null,"topics":["obfuscate-code","obfuscator","packer","pe-analyzer","pe-protect","protector","reverse-engineering"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jnastarot.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-04T18:36:56.000Z","updated_at":"2024-11-16T19:56:31.000Z","dependencies_parsed_at":"2022-10-12T22:36:21.624Z","dependency_job_id":null,"html_url":"https://github.com/jnastarot/furikuri","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jnastarot%2Ffurikuri","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jnastarot%2Ffurikuri/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jnastarot%2Ffurikuri/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jnastarot%2Ffurikuri/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jnastarot","download_url":"https://codeload.github.com/jnastarot/furikuri/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253486123,"owners_count":21916132,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["obfuscate-code","obfuscator","packer","pe-analyzer","pe-protect","protector","reverse-engineering"],"created_at":"2024-08-03T16:00:51.392Z","updated_at":"2025-05-10T21:33:02.304Z","avatar_url":"https://github.com/jnastarot.png","language":"C++","funding_links":[],"categories":["Projects"],"sub_categories":["Assembly"],"readme":"Furikuri\n=============\n\n[![License](https://img.shields.io/badge/license-BSD3-blue.svg)](https://github.com/jnastarot/enma_pe/blob/master/LICENSE) [![Build status](https://ci.appveyor.com/api/projects/status/4fa90sgo6c89fqcp?svg=true)](https://ci.appveyor.com/project/jnastarot/furikuri) [![Build Status](https://travis-ci.org/jnastarot/furikuri.svg?branch=master)](https://travis-ci.org/jnastarot/furikuri)\n------\n\n\n```\nFurikuri is protection framework what targeting on shellcode and executable files \nSupported x32 and x64 archs\n```\n1. [Obfuscation techniques](#Obfuscation-techniques)\n\t* [Instruction mutation](#Instruction-mutation) \n    * [Junk generation](#Junk-generation) \n    * [Spaghetti code](#Spaghetti-code) \n    * [Bytecode obfuscation](#Bytecode-obfuscation) \n2. [Examples](#Examples)\n3. [Compile](#Compile)\n4. [Third party](#third-party)\n\nObfuscation techniques\n-------------------------------------\n\n##### Instruction mutation\n Mutation of original instruction into series of other equivalent instructions \n\n   example:\n\n   ```\n    mov rcx, rax\n    mov rdx, [rsp + 38h]\n    call SomeFunc\n   ```\n   becomes to :\n   ```\n    mov rdx, rax\n    mov rcx, [rsp + 38h]\n    push rcx\n    mov rcx, rdx\n    pop rdx\n    call SomeFunc\n   \n   ```\n------------------------\n\n##### Junk generation\nInserting assembler instructions with out any payload between \"original\" instructions\n\n   example:\n   ```\n    mov rcx, rax\n    mov rdx, [rsp + 38h]\n    call SomeFunc\n   ```\n   becomes to :\n   ```\n    mov rdx, rdx\n    mov rdx, r8\n    mov rcx, rax\n    push r8\n    mov r8, 12345678h\n    pop r8\n    mov rdx, [rsp + 38h]\n    call SomeFunc\n   ```\n------------------------\n\n##### Spaghetti code\nDividing original basic block of code on several but more smaller, through insertion `jmp` in middle of   block to start of second of \"new\" block\n\n   example:\n   ```\n   mov r10, [rax+20h]\n   mov eax, [rsp+98h]\n   mov [rsp+40h], eax\n   mov rax, [rsp+90h]\n   mov [rsp+38h], rax\n   mov eax, [rsp+88h]\n   mov [rsp+30h], eax\n   mov rax, [rsp+80h]\n   mov [rsp+28h], rax\n   mov [rsp+20h], r9d\n   ```\n   becomes to :\n   ```\n   mov r10, [rax+20h]\n   mov eax, [rsp+98h]\n   mov [rsp+40h], eax\n   mov rax, [rsp+90h]\n   mov [rsp+38h], rax\n   jmp l1:\n   ...\n   ...\n   ...\n   \n   l1 :\n   mov eax, [rsp+88h]\n   mov [rsp+30h], eax\n   mov rax, [rsp+80h]\n   mov [rsp+28h], rax\n   mov [rsp+20h], r9d\n   \n   ```\n------------------------\n\n##### Bytecode obfuscation\nChanges bytecode of instruction to another bytecode\n\n   example:\n   ```\n    48 8B CA mov rcx,rdx\n   ```\n   becomes to :\n   ```\n    48 89 D1 mov rcx,rdx\n   ```\n\n\n\n\nExamples\n--------------\n[shellcode obfuscation](https://github.com/jnastarot/furikuri/tree/master/examples/shellcode%20obfuscation)\u003cbr\u003e\n[executable obfuscation](https://github.com/jnastarot/furikuri/tree/master/examples/executable%20obfuscation)\n\n---\nCompile \n-------------\n* Windows\n\t1. Requirements \n\t    * Git Bush\n\t    * Visual Studio 2019 (for now, but u can change runtime version and compile in on below versions)\n\t\n\t2. Clone repo and initialize submodules\n\t\n\t   ```\n\t   git clone https://github.com/jnastarot/furikuri.git\n\t   cd furikuri\n\t   git submodule update --init\n\t   ```\n\t\n\t3. Open `furikuri.sln` and build it in Visual Studio \n\t\n\t   \n\t\n* Linux\n\n  TODO\n\n\n\n\nThird Party\n-----------------\n[capstone](http://www.capstone-engine.org/)\u003cbr\u003e\n[enma pe](https://github.com/jnastarot/enma_pe)\u003cbr\u003e\n[fukutasm](https://github.com/jnastarot/fukutasm)\u003cbr\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjnastarot%2Ffurikuri","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjnastarot%2Ffurikuri","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjnastarot%2Ffurikuri/lists"}