Skip to content
/ madcrypt Public

Simple script that strips/compresses/signs any PE in an effort to lower antivirus detection ratio.

5 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mado-95/madcrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
bin
bin
 
 
exes
exes
 
 
README.md
README.md
 
 
madcrypt.sh
madcrypt.sh
 
 

Repository files navigation

madcrypt v1.0

A script that strips/compresses/signs any portable executable in an effort to lower antivirus detection ratio.

usage

git clone https://github.com/mado-95/madcrypt
cd madcrypt
bash madcrypt.sh

requirements

  • bash
  • python2
  • UPX compressor
  • GNU/Strip

All binaries must be in PATH and executable. This script was designed/tested on Debian 10. Other operating systems should work as long as they have the above packages but there will be no support for errors on non-Debian platforms.

quickcrypt

In madcrypt/bin, you'll find the quickcrypt.sh file. This script contains the full functionality of madcrypt, but is faster and takes arguments from command line.

Example usage:

bash quickcrypt.sh /root/malware.exe /root/Downloads/template.exe

This will obfuscate the /root/malware.exe and sign it using /root/Downloads/putty.exe

Please note the script is designed to function located in madcrypt/bin only and if you're moving it elsewhere you'll have to change the paths to madfill.py and sigthief.py.

About

Simple script that strips/compresses/signs any PE in an effort to lower antivirus detection ratio.

Topics

pentesting pe antivirus-evasion

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages