Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-executable-packing
A curated list of awesome resources related to executable packing
https://github.com/packing-box/awesome-executable-packing
Last synced: 5 days ago
JSON representation
-
:books: Literature
-
Documentation
- a.out (FreeBSD manual pages)
- A.out binary format
- About anti-debug tricks
- Android packers: Separating from the pack
- Anti debugging protection techniques with examples
- Anti-unpacker tricks
- Anti-unpacker tricks - Part 14 (and previous parts)
- API deobfuscator: Resolving obfuscated API functions in modern packers
- The art of unpacking
- Cloak and dagger: Unpacking hidden malware attacks
- COM binary format
- Common object file format (COFF)
- Comparison of executable file formats
- Defacto2
- Dynamic binary analysis and obfuscated codes
- elf (FreeBSD manual pages)
- Entropy and the distinctive signs of packer PE files
- Executable and linkable format (ELF)
- Executable and linking format (ELF) specification
- Executable file formats
- FatELF: Universal binaries for Linux (HALTED)
- Hyperion: Implementation of a PE-Crypter
- Implementing your own generic unpacker
- Mach-O - A look at apple executable files
- Mach-O internals
- Making our own executable packer
- Microsoft portable executable and common object file format specification
- MITRE ATT&CK | T1027.002 | obfuscated files or information: Software packing
- MZ disk operating system (DOS)
- One packer to rule them all: Empirical identification, comparison and circumvention of current antivirus detection techniques
- One packer to rule them all: Empirical identification, comparison and circumvention of current antivirus detection techniques
- Packers
- Parsing mach-O files
- PE format (Microsoft docs)
- PinDemonium: A DBI-based generic unpacker for Windows executables
- Portable executable (PE)
- Reverse engineering malware: Binary obfuscation and protection
- Runtime packers: The hidden problem?
- TitanMist: Your first step to reversing nirvana
- Tuts 4 you - UnPackMe (.NET)
- Tuts 4 you | unpackme
- The "Ultimate" anti-debugging reference
- Virtual machine obfuscation
- We can still crack you! General unpacking method for Android Packer (NO ROOT)
- When malware is packing heat
- Win32 portable executable packing uncovered
- Writing a packer
- Mach-O file format reference
- Packer detection tool evaluation
- Writing a simple PE packer in detail
- Cloak and dagger: Unpacking hidden malware attacks
- Unpacking, reversing, patching
- Mach-O - A look at apple executable files
- Cloak and dagger: Unpacking hidden malware attacks
-
Scientific Research
- Absent extreme learning machine algorithm with application to packed executable identification
- An accurate packer identification method using support vector machine
- Adaptive unpacking of Android Apps
- Advanced preprocessing of binary executable files and its usage in retargetable decompilation
- Adversarial learning on static detection techniques for executable packing
- All-in-one framework for detection, unpacking, and verification for malware analysis
- Analysis of machine learning approaches to packing detection
- Anti-emulation trends in modern packers: A survey on the evolution of anti-emulation techniques in UPA packers
- Anti-unpacker tricks
- Application of string kernel based support vector machine for malware packer identification
- The application research of virtual machine in packers
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- The arms race: Adversarial search defeats entropy used to detect malware
- Automatic analysis of malware behavior using machine learning
- Automatic static unpacking of malware binaries
- BareUnpack: Generic unpacking on the bare-metal operating system
- Binary-code obfuscations in prevalent packer tools
- BinStat tool for recognition of packed executables
- BitBlaze: A new approach to computer security via binary analysis
- Boosting scalability in anomaly-based packed executable filtering
- Building a smart and automated tool for packed malware detections using machine learning
- ByteWise: A case study in neural network obfuscation identification
- Challenging anti-virus through evolutionary malware obfuscation
- Classification of packed executables for accurate computer virus detection
- Classifying packed malware represented as control flow graphs using deep graph convolutional neural network
- Classifying packed programs as malicious software detected
- A close look at a daily dataset of malware samples
- Collective classification for packed executable identification
- A comparative analysis of classifiers in the recognition of packed executables
- A comparative analysis of software protection schemes
- A comparative assessment of malware classification using binary texture analysis and dynamic analysis
- Comparing malware samples for unpacking: A feasibility study
- Computational-intelligence techniques for malware generation
- A consistently-executing graph-based approach for malware packer identification
- A control flow graph-based signature for packer identification
- Countering entropy measure attacks on packed software detection
- Dealing with virtualization packers
- Denial-of-service attacks on host-based generic unpackers
- Deobfuscation of packed and virtualization-obfuscation protected binaries
- Design and development of a new scanning core engine for malware detection
- Design and performance evaluation of binary code packing for protecting embedded software against reverse engineering
- Detecting packed executable file: Supervised or anomaly detection method?
- Detecting packed executables based on raw binary data
- Detecting packed executables using steganalysis
- Detecting packed PE files: Executable file analysis for the Windows operating system
- Detecting traditional packers, decisively
- Detection of metamorphic malware packers using multilayered LSTM networks
- Detection of packed executables using support vector machines
- Detection of packed malware
- DexHunter: Toward extracting hidden code from packed Android applications
- Disabling anti-debugging techniques for unpacking system in user-level debugger
- Dynamic binary instrumentation for deobfuscation and unpacking
- Dynamic classification of packing algorithms for inspecting executables using entropy analysis
- Effective, efficient, and robust packing detection and classification
- Efficient and automatic instrumentation for packed binaries
- Efficient automatic original entry point detection
- An efficient block-discriminant identification of packed malware
- Efficient malware packer identification using support vector machines with spectrum kernel
- Efficient SVM based packer identification with binary diffing measures
- ELF-Miner: Using structural knowledge and data mining methods to detect new (Linux) malicious executables
- EMBER: An open dataset for training static PE malware machine learning models
- An empirical evaluation of an unpacking method implemented with dynamic binary instrumentation
- Encoded executable file detection technique via executable file header analysis
- Entropy analysis to classify unknown packing algorithms for malware detection
- ESCAPE: Entropy score analysis of packed executable
- Ether: Malware analysis via hardware virtualization extensions
- Eureka: A framework for enabling static malware analysis
- Evading machine learning malware detection
- Experimental comparison of machine learning models in malware packing detection
- Experimental toolkit for studying executable packing - Analysis of the state-of-the-art packing detection techniques
- A fast flowgraph based classification system for packed and polymorphic malware on the endhost
- A fast randomness test that preserves local detail
- Feature set reduction for the detection of packed executables
- File packing from the malware perspective: Techniques, analysis approaches, and directions for enhancements
- A fine-grained classification approach for the packed malicious code
- A generic approach to automatic deobfuscation of executable code
- Generic packing detection using several complexity analysis for accurate malware detection
- Generic unpacker of executable files
- Generic unpacking method based on detecting original entry point
- Generic unpacking of self-modifying, aggressive, packed binary programs
- Generic unpacking techniques
- Generic unpacking using entropy analysis
- Gunpack: Un outil générique d'unpacking de malwares
- Hashing-based encryption and anti-debugger support for packing multiple files into single executable
- A heuristic approach for detection of obfuscated malware
- A heuristics-based static analysis approach for detecting packed PE binaries
- An implementation of a generic unpacking method on Bochs Emulator
- Information theoretic method for classification of packed and encoded files
- Instructions-based detection of sophisticated obfuscation and packing
- A learning model to detect maliciousness of portable executable using integrated feature set
- Limits of static analysis for malware detection
- Maitland: Analysis of packed and encrypted malware via paravirtualization extensions
- Mal-EVE: Static detection model for evasive malware
- Mal-flux: Rendering hidden code of packed binary executable
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- Malware analysis using multiple API sequence mining control flow graph
- Malware analysis using visualized images and entropy graphs
- Malware images: Visualization and automatic classification
- Malware makeover: Breaking ML-based static analysis by modifying executable bytes
- Malware obfuscation techniques: A brief survey
- Malware obfuscation through evolutionary packers
- Malwise - An effective and efficient classification system for packed and polymorphic malware
- McBoost: Boosting scalability in malware collection and analysis using statistical classification of executables
- Memory behavior-based automatic malware unpacking in stealth debugging environment
- Metadata recovery from obfuscated programs using machine learning
- Modern linux malware exposed
- MutantX-S: Scalable malware clustering based on static features
- The new signature generation method based on an unpacking algorithm and procedure for a packer detection
- Obfuscation-resilient executable payload extraction from packed malware
- Obfuscation: The hidden malware
- Obfuscation: Where are we in anti-DSE protections? (a first attempt)
- OmniUnpack: Fast, generic, and safe unpacking of malware
- On deceiving malware classification with section injection
- On the (Im)possibility of obfuscating programs
- On the adoption of anomaly detection for packed executable filtering
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- An original entry point detection method with candidate-sorting for more effective generic unpacking
- Packed malware detection using entropy related analysis: A survey
- Packed malware variants detection using deep belief networks
- Packed PE file detection for malware forensics
- Packer analysis report debugging and unpacking the NsPack 3.4 and 3.7 packer
- Packer classifier based on PE header information
- Packer detection for multi-layer executables using entropy analysis
- Packer identification based on metadata signature
- Packer identification method based on byte sequences
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Packer-complexity analysis in PANDA
- Packing detection and classification relying on machine learning to stop malware propagation
- Pandora's Bochs: Automatic unpacking of malware
- Pattern recognition techniques for the classification of malware packers
- PE file features in detection of packed executables
- PE file header analysis-based packed PE file detection technique (PHAD)
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PE-Probe: Leveraging packer detection and structural information to detect malicious portable executables
- PEAL - Packed executable analysis
- PEzoNG: Advanced packer for automated evasion on Windows
- PolyPack: An automated online packing service for optimal antivirus evasion
- PolyUnpack: Automating the hidden-code extraction of unpack-executing malware
- Preprocessing of binary executable files towards retargetable decompilation
- Prevalence and impact of low-entropy packing schemes in the malware ecosystem
- Qualitative and quantitative evaluation of software packers
- RAMBO: Run-Time packer analysis with multiple branch observation
- REFORM: A framework for malware packer analysis using information theory and statistical methods
- Renovo: A hidden code extractor for packed executables
- RePEconstruct: Reconstructing binaries with self-modifying code and import address table destruction
- Research and implementation of compression shell unpacking technology for PE file
- Research and implementation of packing technology for PE files
- Research of software information hiding algorithm based on packing technology
- Revealing packed malware
- Reverse engineering self-modifying code: Unpacker extraction
- Robust static analysis of portable executable malware
- Runtime packers testing experiences
- SATURN - Software deobfuscation framework based on LLVM
- SCORE: Source code optimization & reconstruction
- SE-PAC: A self-evolving packer classifier against rapid packers evolution
- Secure and advanced unpacking using computer emulation
- Semi-supervised learning for packed executable detection
- Semi-supervised learning for unknown malware detection
- Sensitive system calls based packed malware variants detection using principal component initialized multilayers neural networks
- SoK: Deep packer inspection: A longitudinal study of the complexity of run-time packers
- SPADE: Signature based packer detection
- Standards and policies on packer use
- Static analysis of executables to detect malicious patterns
- Static malware detection & subterfuge: Quantifying the robustness of machine learning and current anti-virus
- A static, packer-agnostic filter to detect similar malware samples
- Structural feature based anomaly detection for packed executable identification
- The study of evasion of packed PE from static detection
- A study of the packer problem and its solutions
- Survey on malware evasion techniques: State of the art and challenges
- Syntia: Synthesizing the semantics of obfuscated code
- Things you may not know about Android (Un) packers: A systematic study based on whole-system emulation.
- Thwarting real-time dynamic unpacking
- A token strengthened encryption packer to prevent reverse engineering PE files
- Toward generic unpacking techniques for malware analysis with quantification of code revelation
- Towards paving the way for large-scale Windows malware analysis: Generic binary unpacking with orders-of-magnitude performance boost
- Tutorial: An overview of malware detection and evasion techniques
- Two techniques for detecting packed portable executable files
- Unconditional self-modifying code elimination with dynamic compiler optimizations
- Understanding linux malware
- A unpacking and reconstruction system-agunpacker
- Unpacking framework for packed malicious executables
- Unpacking techniques and tools in malware analysis
- Unpacking virtualization obfuscators
- UnThemida: Commercial obfuscation technique analysis with a fully obfuscated program
- Using entropy analysis to find encrypted and packed malware
- VMAttack: Deobfuscating virtualization-based packed binaries
- VMRe: A reverse framework of virtual machine protection packed binaries
- WaveAtlas: Surfing through the landscape of current malware packers
- When malware is packin' heat; limits of machine learning classifiers based on static analysis features
- WYSINWYX: What you see is not what you execute
- x64Unpack: Hybrid emulation unpacker for 64-bit Windows Environments and detailed analysis results on VMProtect 3.4
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- REFORM: A framework for malware packer analysis using information theory and statistical methods
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- A comparative assessment of malware classification using binary texture analysis and dynamic analysis
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer classifier based on PE header information
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- SATURN - Software deobfuscation framework based on LLVM
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- Packer identification using hidden Markov model
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Experimental toolkit for manipulating executable packing
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Experimental toolkit for manipulating executable packing
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Experimental toolkit for manipulating executable packing
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- Denial-of-service attacks on host-based generic unpackers
- Detecting obfuscated malware using reduced opcode set and optimised runtime trace
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- Generating adversarial malware examples for black-box attacks based on GAN
- Generic unpacking method based on detecting original entry point
- An improved method for packed malware detection using PE header and section table information
- Intriguing properties of adversarial ML attacks in the problem space
- MAB-Malware: A reinforcement learning framework for attacking static malware classifiers
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- MaliCage: A packed malware family classification framework based on DNN and GAN
- On evaluating adversarial robustness
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer classification based on association rule mining
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- An application of machine learning to analysis of packed mac malware
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Automatic generation of adversarial examples for interpreting malware classifiers
- BitBlaze: A new approach to computer security via binary analysis
- Chosen-instruction attack against commercial code virtualization obfuscators
- Complexity-based packed executable classification with high accuracy
- A fine-grained classification approach for the packed malicious code
- A study of the packer problem and its solutions
- A survey on adversarial attacks for malware analysis
- A survey on run-time packers and mitigation techniques
- Technical report on the cleverhans v2.1.0 adversarial examples library
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Automatic analysis of malware behavior using machine learning
- Detecting traditional packers, decisively
- A fast flowgraph based classification system for packed and polymorphic malware on the endhost
- Experimental toolkit for manipulating executable packing
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- ByteWise: A case study in neural network obfuscation identification
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- A close look at a daily dataset of malware samples
- Detecting traditional packers, decisively
- Experimental toolkit for manipulating executable packing
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Experimental toolkit for manipulating executable packing
- A fine-grained classification approach for the packed malicious code
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Generic unpacking method based on detecting original entry point
- Information theoretic method for classification of packed and encoded files
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PEzoNG: Advanced packer for automated evasion on Windows
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Binary-code obfuscations in prevalent packer tools
- Detecting traditional packers, decisively
- Experimental toolkit for manipulating executable packing
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- Packer identification using byte plot and Markov plot
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- A fine-grained classification approach for the packed malicious code
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- Mal-xtract: Hidden code extraction using memory analysis
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- On the (Im)possibility of obfuscating programs
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- PEzoNG: Advanced packer for automated evasion on Windows
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Experimental toolkit for manipulating executable packing
- A fine-grained classification approach for the packed malicious code
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- Symbolic execution of obfuscated code
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- BitBlaze: A new approach to computer security via binary analysis
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- BitBlaze: A new approach to computer security via binary analysis
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Mal-xtract: Hidden code extraction using memory analysis
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- PEAL - Packed executable analysis
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Packer identification using hidden Markov model
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using byte plot and Markov plot
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- A survey on run-time packers and mitigation techniques
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Packer identification using hidden Markov model
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- BitBlaze: A new approach to computer security via binary analysis
- Denial-of-service attacks on host-based generic unpackers
- Detecting traditional packers, decisively
- DexHunter: Toward extracting hidden code from packed Android applications
- Efficient and automatic instrumentation for packed binaries
- Entropy analysis to classify unknown packing algorithms for malware detection
- A fine-grained classification approach for the packed malicious code
- Generic unpacking method based on detecting original entry point
- A machine-learning-based framework for supporting malware detection and analysis
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- OPEM: A static-dynamic approach for machine-learning-based malware detection
- Packer identification using hidden Markov model
- Pattern recognition techniques for the classification of malware packers
- PE-Miner: Mining structural information to detect malicious executables in realtime
- PEAL - Packed executable analysis
- RAMBO: Run-Time packer analysis with multiple branch observation
- Research of software information hiding algorithm based on packing technology
- Semi-supervised learning for unknown malware detection
- A static, packer-agnostic filter to detect similar malware samples
- A study of the packer problem and its solutions
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Entropy analysis to classify unknown packing algorithms for malware detection
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- Mal-xtract: Hidden code extraction using memory analysis
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- On the (Im)possibility of obfuscating programs
- Packer identification using byte plot and Markov plot
- Experimental toolkit for manipulating executable packing
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- PEzoNG: Advanced packer for automated evasion on Windows
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Detecting traditional packers, decisively
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- On the (Im)possibility of obfuscating programs
- 2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
- Adversarial attacks against windows PE malware detection: A survey of the state-of-the-art
- Adversarial malware binaries: Evading deep learning for malware detection in executables
- Analysis of machine learning approaches to packing detection
- AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
- Birds of a feature: Intrafamily clustering for version identification of packed malware
- Bypassing anti-analysis of commercial protector methods using DBI tools
- Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
- Mal-xtract: Hidden code extraction using memory analysis
- MetaAware: Identifying metamorphic malware
- Obfuscator-LLVM: Software protection for the masses
- On the (Im)possibility of obfuscating programs
- A comprehensive solution for obfuscation detection and removal based on comparative analysis of deobfuscation tools
- Detecting traditional packers, decisively
- Packer identification method for multi-layer executables with k-Nearest neighbor of entropies
- A dynamic heuristic method for detecting packed malware using naive bayes
- Packer identification using byte plot and Markov plot
- Enhancing machine learning based malware detection model by reinforcement learning
- Evading anti-malware engines with deep reinforcement learning
- Experimental toolkit for manipulating executable packing
- Feature selection for malware detection based on reinforcement learning
- Generic black-box end-to-end attack against state of the art API call based malware classifiers
- Intriguing properties of neural networks
- Learning to evade static PE machine learning malware models via reinforcement learning
- PEzoNG: Advanced packer for automated evasion on Windows
- Practical attacks on machine learning: A case study on adversarial
- RePEF — A system for restoring packed executable file for malware analysis
- SOK: (state of) the art of war: Offensive techniques in binary analysis
- A survey on machine learning-based detection and classification technology of malware
- A survey on malware analysis techniques: Static, dynamic, hybrid and memory analysis
- A survey on run-time packers and mitigation techniques
- Symbolic deobfuscation: From virtualized code back to the original
- Towards static analysis of virtualization-obfuscated binaries
-
-
:package: Packers
-
Between 2000 and 2010
- tElock - Telock is a practical tool that intends to help developers who want to protect their work and reduce the size of the executable files.
- TTProtect - Professional protection tool designed for software developers to protect their PE applications against illegal modification or decompilation.
- UPack - Compresses Windows PE file.
- 20to4 - Executable compressor that is able to stuff about 20k of finest code and data into less than 4k.
- ACProtect - Application that allows to protect Windows executable files against piracy, using RSA to create and verify the registration keys and unlock code.
- AHPack - PE and PE+ file packer.
- Application Protector - Tool for protecting Windows applications.
- AT4RE Protector - Very simple PE files protector programmed in ASM.
- AverCryptor - Small and very handy utility designed to encrypt notes in which you can store any private information - it helps to hide your infection from antiviruses.
- BurnEye - Burneye ELF encryption program, x86-linux binary.
- ByteBoozer - Commodore 64 executable packer.
- CryptExec - Next-generation runtime binary encryption using on-demand function extraction.
- EXE Guarder - Licensing tool for PE files allowing to compress and specify a password notice.
- EXE Wrapper - Protects any EXE file with a password from non-authorized execution.
- Exe32Pack - Compresses Win32 EXEs, DLLs, etc and dynamically expands them upon execution.
- EXECryptor - Protects EXE programs from reverse engineering, analysis, modifications and cracking.
- ExeFog - Simple Win32 PE files packer.
- eXPressor - Used as a compressor this tool can compress EXE files to half their normal size.
- FSG - *Fast Small Good*, perfect compressor for small exes, eg.
- GHF Protector - Executable packer / protector based on open source engines Morphine and AHPack.
- HackStop - EXE and COM programs encrypter and protector.
- Kkrunchy - Kkrunchy is a small exe packer primarily meant for 64k intros.
- mPack - mPack - mario PACKersimple Win32 PE Executable compressor.
- NSPack - 32/64-bits exe, dll, ocx, scr Windows program compressor.
- NTPacker - PE file packer relying on aPlib for compression and/or XOR for encryption.
- PECompact - Windows executable compressor featuring third-party plug-ins offering protection against reverse engineering.
- RDMC - DMC algorithm based packer.
- RLPack - Compresses your executables and dynamic link libraries in a way that keeps them small and has no effect on compressed file functionality.
- RSCC - ROSE Super COM Crypt ; polymorph cryptor for files greater than 300-400B and smaller than 60kB.
- RUCC - ROSE Ultra COM Compressor ; COM and EXE compression utility based on 624.
- Sentinel HASP Envelope - Wrapping application that protects the target application with a secure shield, providing a means to counteract reverse engineering and other anti-debugging measures.
- sePACKER - Simple Executable Packer is compressing executables' code section inorder to decrease size of binary files.
- Shiva - Shiva is a tool to encrypt ELF executables under Linux.
- UPX-Scrambler - Scrambler for files packed with UPX (up to 1.06) so that they cannot be unpacked with the '-d' option.
- WinUpack - Graphical interface for Upack, a command-line program used to create self-extracting archives from Windows PE files.
- XComp - PE32 image file packer and rebuilder.
- Yoda Crypter - Supports polymorphic encryption, softice detection, anti-debug API's, anti-dumping, etc, encrypts the Import Table and erases PE Header.
- Yoda Protector - Free, open source, Windows 32-bit software protector.
- HackStop - EXE and COM programs encrypter and protector.
- RSCC - ROSE Super COM Crypt ; polymorph cryptor for files greater than 300-400B and smaller than 60kB.
- UPX-Scrambler - Scrambler for files packed with UPX (up to 1.06) so that they cannot be unpacked with the '-d' option.
- Laturi - Linker and compressor intended to be used for macOS 1k, 4k and perhaps 64K intros.
- RUCC - ROSE Ultra COM Compressor ; COM and EXE compression utility based on 624.
-
After 2010
- Alienyze - Advanced software protection and security for Windows 32-bit executables.
- Alternate EXE Packer - Compression tool for executable files (type EXE) or DLL's relying on UPX 3.96.
- Amber - Position-independent(reflective) PE loader that enables in-memory execution of native PE files(EXE, DLL, SYS).
- Andromeda - Custom packer used in malware campaigns using RunPE techniques for evading AV mitigation methods.
- APKProtect - APK encryption and shell protection supporting Java and C++.
- Armadillo - Incorporates both a license manager and wrapper system for protecting PE files.
- ASPack - Advanced solution created to provide Win32 EXE file packing and to protect them against non-professional reverse engineering.
- ASProtect 32 - Multifunctional EXE packing tool designed for software developers to protect 32-bit applications with in-built application copy protection system.
- ASProtect 64 - Tool for protecting 64-bit applications and .NET applications for Windows against unauthorized use, industrial and home copying, professional hacking and analysis of software products distributed over the Internet and on any physical media.
- AutoIT - Legitimate executable encryption service.
- AxProtector - Encrypts the complete software you aim to protect, and shields it with a security shell, AxEngine, best-of-breed anti-debugging and anti-disassembly methods are then injected into your software.
- Bero - Bero EXE Packer (BEP) for 32-bit windows executables.
- BIN-crypter - EXE protection software against crackers and decompilers.
- BoxedApp Packer
- Code Virtualizer - Code Virtualizer is a powerful code obfuscation system for Windows, Linux and macOS applications that helps developers to protect their sensitive code areas against Reverse Engineering with very strong obfuscation code, based on code virtualization.
- DarkCrypt - Simply and powerful plugin for Total Commander used for file encryption using 100 algorithms and 5 modes.
- DexGuard - Android app obfuscation & security protocols for mobile app protection.
- DexProtector - Multi-layered RASP solution that secures your Android and iOS apps against static and dynamic analysis, illegal use and tampering.
- DotBundle - GUI tool to compress, encrypt ad password-protect a .NET application or embed .NET libraries.
- DotNetZ - Straightforward and lightweight, command-line piece of software written in C that allows you to compress and pack Microsoft .NET Framework executable files.
- ElecKey - Suite of software and tools that offer a complete solution for software protection, copy protection, and license management.
- Enigma Protector - Professional system for executable files licensing and protection.
- Enigma Virtual Box - Application virtualization system for Windows.
- EXE Bundle - Bundles application files into a single PE32 file.
- EXE Stealth - Anti-cracking protection and licensing tool for PE files featuring compression and encryption polymorphic technology.
- Ezuri - A Simple Linux ELF Runtime Crypter.
- GzExe - Utility that allows to compress executables as a shell script.
- LIAPP - Easiest and most powerful mobile app security solution.
- LM-X License Manager - LM-X License Manager lets you protect your products against piracy by enforcing various levels of security, save time, and reduce business risks.
- MPRESS - Compresses (using LZMA) and protects PE, .NET or Mach-O programs against reverse engineering.
- .netshrink - Executable compressor for your Windows or Linux .NET application executable file using LZMA.
- NPack - Can compress 32bits and 64bits exe, dll, ocx, scr Windows program.
- Obsidium - Feature-rich professional software protection and licensing system designed as a cost effective and easy to implement, yet reliable and non-invasive way to protect your 32- and 64-bit Windows software applications and games from reverse engineering.
- PELock - Software protection system for Windows executable files ; protects your applications from tampering and reverse engineering, and provides extensive support for software license key management, including support for time trial periods.
- PEShield - PE-SHiELD is a program, which encrypts 32-bit Windows EXE files, leaving them still executable.
- PESpin
- PEtite - Free Win32 (Windows 95/98/2000/NT/XP/Vista/7/etc) executable (EXE/DLL/etc) compressor.
- RapidEXE - Simple and efficient way to convert a PHP/Python script to a standalone executable.
- Smart Packer - Packs 32 & 64bit applications with DLLs, data files, 3rd party run-time into one single executable that runs instantly, with no installs or hassles.
- Squishy - Modern packer developed for 64kb demoscene productions, targets 32bit and 64bit executables.
- Themida - From Renovo paper: Themida converts the original x86 instructions into virtual instructions in its own randomized instruction set, and then interpret these virtual instructions at run-time.
- UPX - Ultimate Packer for eXecutables.
- VMProtect - VMProtect protects code by executing it on a virtual machine with non-standard architecture that makes it extremely difficult to analyze and crack the software.
- ZProtect - Renames metadata entities and supports advanced obfuscation methods that harden protection scheme and foil reverse engineering altogether.
- ConfuserEx - An open-source, free protector for .NET applications.
- Crinkler - Compressing linker for Windows, specifically targeted towards executables with a size of just a few kilobytes.
- ELFCrypt - Simple ELF crypter using RC4 encryption.
- ELFuck - ELF packer for i386 original version from sk2 by sd.
- Eronona-Packer - This is a packer for exe under win32.
- OSX_Packer - Binary packer for the Mach-O file format.
- BangCle - Protection tool using the second generation Android Hardening Protection, loading the encrypted DEX file from memory dynamically.
- NPack - Can compress 32bits and 64bits exe, dll, ocx, scr Windows program.
- PEzoNG - Framework for automatically creating stealth binaries that target a very low detection rate in a Windows environment.
-
Before 2000
- 32Lite - Compression tool for executable files created with Watcom C/C++ compiler.
- 624 - COM packer that can compress COM programs shorter than 25000 bytes.
- ABK Scrambler - COM file scrambler and protector recoded from ABKprot.
- AEP - Addition Encode-Protective for COM and EXE file.
- AINEXE - DOS executable packer (part of the AIN Archiver suite).
- aPack - 16-bit real-mode DOS executable ( .EXE and .COM ) compressor.
- AVPack - Encrypts EXE or COM files so that they'll be able to start on your PC only.
- AXE - Program compression utility.
- BIN-Lock - COM file scrambler for preventing reverse engineering.
- BitLok - COM and EXE file protector.
- C0NtRiVER - COM file encryptor.
- CauseWay Compressor - DOS EXE compressor.
- CC Pro - COM and EXE executable file compression utility.
- CEXE - Compresses an input EXE into a smaller executable (only runs on WinNT, Win2000 and above - won't run on Win95 or Win98).
- COMProtector - Adds a security envelope around DOS .COM files by randomly encrypting it and adding several anti-debugging tricks.
- CrackStop - Tool that creates a security envelope around a DOS EXE file to protect it against crackers.
- Crunch - File encryptor for COM and EXE files.
- EPack - EXE and COM file compressor ; works with DOS/Windows95 files.
- ExeGuard - DOS EXE files free protector using anti-debugging ticks to prevent hacking, analysis and unpacking.
- EXELOCK 666 - Utility for protecting .EXE files so no lamers can hack out the copyright.
- Fire-Pack
- FSE - Final Fantasy Security Envelope freeware for protecting COM and EXE progams.
- Gardian Angel - COM and EXE encrypter and protector using a variety of anti-debugging tricks.
- JMCryptExe - DOS EXE encrypter.
- LGLZ - DOS EXE and COM file compressor using modified LZ77.
- LzExe - MS-DOS executable file compressor.
- Mask - Tool that prevents COM program from being cracked by using encryption and anti-debugging tricks.
- Megalite - MS-DOS executable file compressor.
- Mess - This tool does the same as HackStop, with the exception that it is freeware for non-commercial use.
- Morphine - Application for PE files encryption.
- Neolite - Compresses Windows 32-bit EXE files and DLLs.
- PACK - Executable files compressor.
- Pack-Ice
- PCShrink - Windows 9x/NT executable file compressor relying on the aPLib compression library.
- PE Diminisher - Simple PE packer relying on the aPLib compression library.
- PE-Protector - Encrypter/protector for Windows 9x/ME to protect executable files PEagainst reverse engineering or cracking with a very strong protection.
- PEBundle - Physically attaches DLL(s) to an executable, resolving dependencies in memory.
- PEPack - PE compression tool based on the code of a newer version of PE-SHiELD.
- PKlite - Easy-to-use file compression program for compressing DOS and Windows executable files.
- Pro-Pack - DOS executable file compressor.
- RERP - ROSE's EXE Relocation Packer.
- RJCrush - EXE and COM files compressor with the ability to compress overlays.
- Scorpion - EXE and COM file encrypter and protector.
- SecuPack - Win32 executable compressor.
- Shrinker - Compresses (up to 70%) 16 and 32 bit Windows and real mode DOS programs.
- SPack
- $PIRIT - COM/EXE executable files polymorphic encryptor.
- SysPack - Device drivers compressor.
- T-Pack - Executable COM-FILE compressor (LZ77) optimized for small files like BBS-Addys or similar files.
- TinyProg - EXE and COM programs compressor.
- TRAP - EXE and COM files encrypter and protector.
- Vacuum - Runtime Compressor for DOS32 executables.
- WinLite - Compresses Windows executables (such as Pklite, Diet or Wwpack) for executables programs under DOS.
- WWPack - Squeezes EXE files, compresses relocation tables, optimizes headers, protects EXE files from hacking.
- XE - PE32 image file packer and rebuilder.
- XorCopy - COM file XOR-based encrypter.
- XORER - COM file XOR-based encrypter.
- XPA - DOS executable packer.
- XPack - EXE/COM/SYS executable file compressor.
- ABK Scrambler - COM file scrambler and protector recoded from ABKprot.
- AEP - Addition Encode-Protective for COM and EXE file.
- AINEXE - DOS executable packer (part of the AIN Archiver suite).
- BIN-Lock - COM file scrambler for preventing reverse engineering.
- BitLok - COM and EXE file protector.
- C0NtRiVER - COM file encryptor.
- CC Pro - COM and EXE executable file compression utility.
- COMProtector - Adds a security envelope around DOS .COM files by randomly encrypting it and adding several anti-debugging tricks.
- CrackStop - Tool that creates a security envelope around a DOS EXE file to protect it against crackers.
- Crunch - File encryptor for COM and EXE files.
- ExeGuard - DOS EXE files free protector using anti-debugging ticks to prevent hacking, analysis and unpacking.
- EXELOCK 666 - Utility for protecting .EXE files so no lamers can hack out the copyright.
- FSE - Final Fantasy Security Envelope freeware for protecting COM and EXE progams.
- Gardian Angel - COM and EXE encrypter and protector using a variety of anti-debugging tricks.
- JMCryptExe - DOS EXE encrypter.
- LzExe - MS-DOS executable file compressor.
- Mask - Tool that prevents COM program from being cracked by using encryption and anti-debugging tricks.
- PKlite - Easy-to-use file compression program for compressing DOS and Windows executable files.
- Scorpion - EXE and COM file encrypter and protector.
- $PIRIT - COM/EXE executable files polymorphic encryptor.
- TRAP - EXE and COM files encrypter and protector.
- WWPack - Squeezes EXE files, compresses relocation tables, optimizes headers, protects EXE files from hacking.
- XE - PE32 image file packer and rebuilder.
- XorCopy - COM file XOR-based encrypter.
- XORER - COM file XOR-based encrypter.
- XPack - EXE/COM/SYS executable file compressor.
- SecuPack - Win32 executable compressor.
- EPack - EXE and COM file compressor ; works with DOS/Windows95 files.
-
-
:bookmark_tabs: Datasets
-
Scientific Research
- Runtime Packers Testset - Dataset of 10 common Malware files, packed with about 40 different runtime packers in over 500 versions and options, with a total of about 5,000 samples.
- SAC - Slovak Antivirus Center, non-commercial project of AVIR and ESET companies ; contains packers, detectors and unpackers.
- ViruSign - Another online malware database.
- VirusShare - Virus online database with more than 44 millions of samples.
- VX Heaven - Site dedicated to providing information about computer viruses.
- VX Underground - PL-CERT based open source MWDB python application holding a malware database containing every APT sample from 2010 and over 7.5M maliciousbinaries.
- VXvault - Online malware database.
- WildList - Cooperative listing of malwares reported as being in the wild by security professionals.
- Contagio - Contagio is a collection of the latest malware samples, threats, observations, and analyses.
- CyberCrime - C² tracking and malware database.
- Malfease - Dataset of about 5,000 packed malware samples.
- Malheur - Contains the recorded behavior of malicious software (malware) and has been used for developing methods for classifying and clustering malware behavior (see the JCS article from 2011).
- Malicia - Dataset of 11,688 malicous PE files collected from 500 drive-by download servers over a period of 11 months in 2013 (DISCONTINUED).
- MalShare - Free Malware repository providing researchers access to samples, malicious feeds, and Yara results.
- The Malware Museum - The Malware Museum is a collection of malware programs, usually viruses, that were distributed in the 1980s and 1990s on home computers.
- MalwareBazaar - Project operated by abuse.ch aimed to collect and share malware samples, helping IT-security researchers and threat analysts protecting their constituency and customers from cyber threats.
- MalwareGallery - Yet another malware collection in the Internet.
- MalwareTips - MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats.
- OARC Malware Dataset - Semi-public dataset of 3,467 samples captured in the wild from Sep 2005 to Jan 2006 by mail traps, user submissions, honeypots and other sources aggregated by the OARC, available to qualified academic and industry researchers upon request.
- Open Malware Project - Online collection of malware samples (formerly Offensive Computing).
- Malicia - Dataset of 11,688 malicous PE files collected from 500 drive-by download servers over a period of 11 months in 2013 (DISCONTINUED).
- MalShare - Free Malware repository providing researchers access to samples, malicious feeds, and Yara results.
- Dataset of Packed ELF - Dataset of packed ELF samples.
- Dataset of Packed PE - Sanitized version of the original dataset, PackingData, removing packed samples from the Notpacked folder but also samples in packer folders that failed to be packed (having a same hash as the original unpacked executable).
- Ember - Collection of features from PE files that serve as a benchmark dataset for researchers.
- FFRI Dataset Scripts - Make datasets like FFRI Dataset.
- MaleX - Curated dataset of malware and benign Windows executable samples for malware researchers containing 1,044,394 Windows executable binaries and corresponding image representations with 864,669 labelled as malware and 179,725 as benign.
- PackingData - Original dataset with sample PE files packed with a large variety of packers, including ASPack, BeRoEXEPacker, exe32pack, eXpressor, FSG, JDPack, MEW, Molebox, MPRESS, Neolite, NSPack, Pckman, PECompact, PEtite, RLPack, UPX, WinUpack, Yoda's Crypter and Yoda's Protector.
- Packware - Datasets and codes that are needed to reproduce the experiments in the paper "When Malware is Packing Heat".
- RCE Lab - Crackme's, keygenme's, serialme's ; the "tuts4you" folder contains many packed binaries.
- SOREL - Sophos-ReversingLabs 20 Million dataset.
- theZoo - Project created to make the possibility of malware analysis open and available to the public.
- MalwareSamples - Bringing you the best of the worst files on the Internet.
- VirusSamples
- VirusTotal - File analysis Web service for detecting malware.
- Dataset of Packed PE - Sanitized version of the original dataset, PackingData, removing packed samples from the Notpacked folder but also samples in packer folders that failed to be packed (having a same hash as the original unpacked executable).
-
-
:wrench: Tools
-
Before 2000
- aPLib - Compression library based on the algorithm used in aPACK.
- Assiste (Packer) - Assiste.com's example list of packers.
- BinUnpack - Unpacking approach free from tedious memory access monitoring, therefore introducing very small runtime overhead.
- Binutils - The GNU Binutils are a collection of binary tools for Linux (it namely includes Readelf).
- BitBlaze - Analysis platform that features a novel fusion of static and dynamic analysis techniques, mixed concrete and symbolic execution, and whole-system emulation and binary instrumentation, all to facilitate state-of-the art research on real security problems.
- Capstone - Lightweight multi-platform, multi-architecture disassembly framework.
- CFF Explorer - PE32/64 and .NET editor, part of the Explorer Suite.
- ChkEXE - Identifies almost any EXE/COM packer, crypter or protector.
- Clamscan Unpacker - Unpacker derived from ClamAV.
- COM2EXE - Free tool for converting COM files to EXE format.
- de4dot - .NET deobfuscator and unpacker.
- Defacto2 Analyzers Archive - Collection of 60 binary files analysers for MS-DOS and Windows32 from the 1990s and the 2000s.
- Defacto2 Packers Archive - Collection of 460 binary and data file packers for MS-DOS and Windows32 from the 1990s and 2000s.
- Defacto2 Unpackers Archive - Collection of 152 binary files unpackers for MS-DOS and Windows 32 from the 1990s and 2000s.
- DIE - Detect It Easy ; Program for determining types of files.
- DynamoRIO - Runtime code manipulation system that supports code transformations on any part of a program, while it executes.
- Emulator - Symantec Endpoint Protector (from v14) capability to create a virtual machine on the fly to identify, detonate, and eliminate malware hiding inside custom malware packers.
- EtherUnpack - Precision universal automated unpacker (successor of PolyUnpack).
- Eureka - Binary static analysis preparation framework implementing a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing.
- ExeScan - Executable file analyzer which detects the most famous EXE/COM Protectors, Packers, Converters and compilers.
- EXETools - Forum for reverse engineering and executale packing related topics.
- GetTyp - File format detection program for DOS based on special strings and byte code.
- GUnpacker - Shell tool that performs OEP positioning and dumps decrypted code.
- ImpREC - This can be used to repair the import table for packed programs.
- Justin - Just-In-Time AV scanning ; generic unpacking solution.
- Language 2000 - Ultimate compiler detection utility.
- LordPE - PE header viewer, editor and rebuilder.
- MRC - (Mandiant Red Curtain) Free software for Incident Responders that assists with the analysis of malware ; it examines executable files (e.g., .exe, .dll, and so on) to determine how suspicious they are based on a set of criteria.
- OEPdet - Automated original-entry-point detector.
- PackerBreaker - Tool for helping unpack, decompress and decrypt most of the programs packed, compressed or encrypted using advanced emulation technology.
- Pandora's Bochs - Extension to the Bochs PC eumlator to enable it to monitor execution of the unpacking stubs for extracting the original code.
- PCjs - PCjs uses JavaScript to recreate the IBM PC experience, using original ROMs, CPUs running at their original speeds, and early IBM video cards and monitors.
- PE Compression Test - List of packers tested on a few sample executables for comparing compressed sizes.
- PE Detective - This GUI tool can scan single PE files or entire directories (also recursevely) and generate complete reports.
- PEdump - Dump windows PE files using Ruby.
- Pefeats - Utility for extracting 119 features from a PE file for use with machine learning algorithms.
- PEiD - Packed Executable iDentifier.
- PEscan - CLI tool to scan PE files to identify how they were constructed.
- PEview - Provides a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files.
- PExplorer - Most feature-packed program for inspecting the inner workings of your own software, and more importantly, third party Windows applications and libraries for which you do not have source code.
- Pin - Dynamic binary instrumentation framework for the IA-32, x86-64 and MIC instruction-set architectures that enables the creation of dynamic program analysis tools.
- PROTECTiON iD - PE file signature-based scanner.
- Quick Unpack - Generic unpacker that facilitates the unpacking process.
- RDG Packer Detector - Packer detection tool.
- REMnux - Linux toolkit for reverse-engineering and analyzing malicious software.
- Renovo - Detection tool built on top of TEMU (dynamic analysis component of BitBlaze) based on the execution of newly-generated code and monitoring memory writes after the program starts.
- ResourceHacker - Resource editor for 32bit and 64bit Windows applications.
- RTD - Rose Patch - TinyProt/Rosetiny Unpacker.
- RUPP - ROSE SWE UnPaCKER PaCKaGE (for DOS executables only).
- StudPE - PE viewer and editor (32/64 bit).
- SymPack - Safe, portable, largely effective but not generic library for packing detection and unpacking ; part of the Norton Antivirus solution.
- Titanium Platform - Machine learning hybrid cloud platform that harvests thousands of file types at scale, speeds threat detection through machine learning binary analysis, and continuously monitors an index of over 10B files for future threats.
- TrID - Utility for identifying file types from their binary signatures.
- Tuts 4 You - Non-commercial, independent community dedicated to the sharing of knowledge and information on reverse code engineering.
- UnpacMe - Automated malware unpacking service.
- Unpckarc - Packed executables detection tool relying on several heuristics.
- UU - Universal Unpacker.
- Uundo - Universal Undo - Universal Unpacker.
- Uunp (IDA Pro plugin) - IDA Pro debugger plug-in module automating the analysis and unpacking of packed binaries.
- UUP - Universal exe-file UnPacker.
- VMUnpacker - Unpacker based on the technology of virtual machine.
- Defacto2 Packers Archive - Collection of 460 binary and data file packers for MS-DOS and Windows32 from the 1990s and 2000s.
- COM2EXE - Free tool for converting COM files to EXE format.
- Defacto2 Analyzers Archive - Collection of 60 binary files analysers for MS-DOS and Windows32 from the 1990s and the 2000s.
- Defacto2 Unpackers Archive - Collection of 152 binary files unpackers for MS-DOS and Windows 32 from the 1990s and 2000s.
- OmniUnpack - New technique for fast, generic, and safe unpacking of malware by monitoring the execution in real-time and detecting the removed layers of packing.
- REMINDer - Packing detection tool based on the entropy value of the entry point section and the WRITE attribute.
- ExeScan - Executable file analyzer which detects the most famous EXE/COM Protectors, Packers, Converters and compilers.
- ProTools - Programmer's Tools, a web site dedicated for all kinds of tools and utilities for the true WinBloze programmer, including packers, crypters, etc.
- ResourceHacker - Resource editor for 32bit and 64bit Windows applications.
- RDG Packer Detector - Packer detection tool.
-
Categories
Sub Categories
Keywords
malware-research
4
malware-analysis
3
pe-file
2
binary-analysis
2
dataset
2
executable-packing
2
upx
2
samples
2
malware-packers
2
abi
1
apple
1
mach-o
1
osx
1
packer
1
elf-binaries
1
elf-format
1
pe-files
1
pe-format
1
portable-executable
1
deep-learning
1
image-classification
1
machine-learning
1
malware-detection
1
malware
1
malware-samples
1
malwareanalysis
1
thezoo
1