SkidSuite
unfuck
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SkidSuite
-
Open-Obfuscator: A free and open-source solution for obfuscating mobile applications.
Check the android page: https://github.com/GenericException/SkidSuite
-
An Introduction To Android Malware Reverse Engineering
There's some other useful Android reversal tools listed on: https://github.com/GenericException/SkidSuite/blob/master/android.md
unfuck
-
Show HN: A new LLVM optimization pass that aggressively reduces WebAssembly size
This is sweet! This is actually a very similar approach to how I deobfuscate Python bytecode: https://github.com/landaire/unfuck/blob/bfa164b4e261deffeb37...
My code is pretty messy, but I take the same exact approach of taking known function parameters, interpreting the instructions, and removing any condition and the instructions which built its arguments if it evaluates to a constant value. Even called it partial execution as well :p
- GitHub - landaire/unfuck: Python 2.7 bytecode d̶e̶o̶b̶f̶u̶s̶c̶a̶t̶o̶r unfucker
-
Unfuck: A utility for deobfuscating Python 2.7 bytecode
I haven't heard of this tool before, but I don't think it would work for obfuscated code. Check out the graph image on my wiki [1]. While this image doesn't show the exact scenario, imagine that the first instruction is a `JUMP_ABSOLUTE 100` and the rest of the instructions between offset [3,100) are just garbage or invalid.
A naive disassembler (like the `dis` module in python) interprets the bytecode linearly -- i.e. one instruction after another. Rizin's diassembler [2] seems to take the same approach. The way I do disassembly is to only disassemble code paths that are potentially executed by queueing non-conditional jumps, both targets of a conditional jump, and the next instruction when the current instruction is non-jumping instruction.
[1] https://github.com/landaire/unfuck/wiki/Obfuscation-Tricks
- unfuck - a deobfuscator for Python 2.7 bytecode
What are some alternatives?
skidfuscator-java-obfuscator - Public proof-of-concept obfuscator using the MapleIR framework designed by cts & bibl
rizin - UNIX-like reverse engineering framework and command-line toolset.
Deobfuscator - Some deobfuscator for java lol
cwe_checker - cwe_checker finds vulnerable patterns in binary executables
obfuscator - A java obfuscator (GUI)
debugoff - Linux anti-debugging and anti-analysis rust library
Recaf - The modern Java bytecode editor
pocket - Mixed Boolean Arithmetic Expression Obfuscator
SSVM - Java VM running on a JVM
thefuck - Magnificent app which corrects your previous console command.
threadtear - Multifunctional java deobfuscation tool suite
binocle - a graphical tool to visualize binary data