https://github.com/5noxi/aes-cbc-encryption

PowerShell encryption using AES CBC - 256 bit encryption key.
https://github.com/5noxi/aes-cbc-encryption

aes-256 aes-encryption amsi-bypass crypter encrypt encryption mixed-boolean-arithmetic obfuscate obfuscator powershell reverse reverse-engineering reversed tool xencrypt

Last synced: 9 months ago
JSON representation

PowerShell encryption using AES CBC - 256 bit encryption key.

• Host: GitHub
• URL: https://github.com/5noxi/aes-cbc-encryption
• Owner: 5Noxi
• License: gpl-3.0
• Created: 2024-12-31T14:25:18.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2025-07-13T14:59:45.000Z (9 months ago)
• Last Synced: 2025-07-13T16:32:21.683Z (9 months ago)
• Topics: aes-256, aes-encryption, amsi-bypass, crypter, encrypt, encryption, mixed-boolean-arithmetic, obfuscate, obfuscator, powershell, reverse, reverse-engineering, reversed, tool, xencrypt
• Language: PowerShell
• Homepage: https://discord.gg/E2ybG4j9jU
• Size: 4.81 MB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# AES 256-Bit CBC Encryption - Combined With Further Obfuscation

PowerShell encryption using  AES CBC (ECB insecure, CFB/OFB obsolete) and further obfuscation to make it hard to reverse your code. Based on [xencrypt](https://github.com/the-xentropy/xencrypt), but no longer comparable, as everything has been revised. `Input File` is mandatory, if the `Output File` path isn't set, it'll use the current file name and adds `NV-`. Default iteration is `2`, increasing it too much can end up in errors (you should test whether it still starts normally, if not, run the encryption again). A combination with the [minifier](https://github.com/5Noxi/PowerShell-Minifier/tree/main) is possible (before).

Preview:

https://github.com/user-attachments/assets/96c8e28a-934b-4e41-aabd-cda308bd1493

- `256` bit encryption key / `128` bit block size 

   - `Gzip` and `Deflate` compression

   - Cipher block chaining mode

   - Random padding mode (not `None`)

- Randomized variable names

   - Each variable gets created with a random amount of `16-32` characters from the "Arabic, Chinese, Japanese, Russian, Greek, Korean" alphabets & a preconfigured name

- Randomized comments for additional confusion

   - Using a configured character preset - length of `70-80`

- Many parts of the decryption stub are reversed and encoded

- Adjustable iterations (default is `2`)

- Different character obfuscation (last layer only)

`Detailed Logging` - Displays the padding modes, compression types and found patterns (character obfuscation)

`Add Dead Branches` - Adds dead `if` blocks (amount can be changed with `$insc`)

 ## Discord Server 

- https://discord.gg/E2ybG4j9jU