Obfusion - C++ X86 Code Obfuscation Library
This library handles obfuscation of assembled X86 machine code in order to make it harder to read and analyze during the reverse engineering process.
It should work very well for obfuscating shellcode that is later embedded in executable files. If the shellcode is known to security products, the obfuscation process should make it bypass any signature detection scans.
This is a follow-up to the research I did on obfuscation of x86 instructions that I documented on my blog:
The library was initially compiled with MSVS2008, so there should be no compatibility issues even if you compile it with newer versions of Visual Studio.
Makefiles for Linux are coming soon(ish).
See the examples/ directory to learn how to implement this library in your own projects.
Here is the disassembled sample shellcode that spawns calc.exe in original form (image: original shellcode).
And here is the disassembly of the same sample shellcode after the 3-pass obfuscation process (image: obfuscated shellcode).
How to compile
.sln solution in Visual Studio (at least version 2008) and click
Navigate to project directory and type:
    cmake .
    make
    sudo make install
Hacker Disassembler Engine 32/64 Copyright (c) 2006-2009, Vyacheslav Patkov. All rights reserved.
E-mail: kuba -at- breakdev.org
Library is released under GNU/GPL version 3.0
Copyright (c) 2016 Kuba Gretzky