Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/v-p-b/peCloakCapstone
Platform independent peCloak fork based on Capstone
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/v-p-b/peCloakCapstone
- Owner: v-p-b
- Created: 2015-08-19T14:46:50.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2016-03-21T23:38:15.000Z (about 8 years ago)
- Last Synced: 2024-01-26T07:01:56.070Z (4 months ago)
- Language: Python
- Size: 148 KB
- Stars: 100
- Watchers: 8
- Forks: 39
- Open Issues: 0
Metadata Files:
- Readme: README.md
Lists
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
- awesome-pentest-resource - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
- awesome-penetest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Tools / Anti-virus Evasion Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Tools / Defense Evasion Tools)
- awesome-pentest-listas - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Tools / Anti-virus Evasion Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Tools / Anti-virus Evasion Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
- awesome-pentest - peCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool. (Anti-virus Evasion Tools / Tor Tools)
README
peCloak - Capstone
==================

This is a simple fork of [SecuritySift's peCloak](http://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/) that uses [Capstone](http://www.capstone-engine.org). The intention is to provide a fork based on a well-maintained, up-to-date disassembly library and to make the script multi-platform.

Here's what I did so far:
* Replaced pydasm with Capstone
* Included a patched version of [SectionDoubleP](http://git.n0p.cc/?p=SectionDoubleP.git;a=summary) as it also relied on pydasm
* Made data (un)packing platform independent by always using standard sizes

This way I managed to create obfuscated 32-bit Windows executables on 64-bit Linux which is nice :)
Still, this is just a quick hack, bugs most probably hide here and there and I probably left some dead code too.