rusty-jsyc
warbirdvm
rusty-jsyc | warbirdvm | |
---|---|---|
2 | 1 | |
163 | 203 | |
- | 2.5% | |
0.0 | 10.0 | |
12 months ago | about 6 years ago | |
Rust | Ruby | |
GNU Lesser General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rusty-jsyc
- Reverse Engineering TikTok's VM Obfuscation (Part 2)
-
Reverse Engineering TikTok's VM Obfuscation (Part 1)
Based on my previous research into this, the magic keywords to find this kind of thing on Google are "virtualization obfuscation" or "VM obfuscation".
rusty-jsyc is the main open source implementation I've found, though it hasn't been touched in a few years: https://jwillbold.com/posts/obfuscation/2019-06-16-the-secre... (GitHub: https://github.com/jwillbold/rusty-jsyc)
I think there are other implementations, but they're proprietary so I didn't look into them very much. There are lots of posts out there about reversing virtualization obfuscation, but not many about implementing it. Seems like most people who put the effort into implementing it tend to prefer selling it commercially (which I suppose makes sense).
warbirdvm
-
Reverse Engineering TikTok's VM Obfuscation (Part 2)
Microsoft also uses its own VM-based obfuscation tools (warbird VM), used in some parts of the kernel for something like 20 years now, and in many other things like xbox live, drm stuff or login. (see here for some in depth info)
What are some alternatives?
pocket - Mixed Boolean Arithmetic Expression Obfuscator
javascript-obfuscator - A powerful obfuscator for JavaScript and Node.js
ezkl - ezkl is an engine for doing inference for deep learning models and other computational graphs in a zk-snark (ZKML). Use it from Python, Javascript, or the command line.
shape-security-decompiler-toolkit - Full dynamic tool kit that is capable of deobfuscating and decompiling shape security's virtual machine obfuscation
blog - nullpt.rs website
jsvm - Custom virtual machine in javascript for obfuscation purposes