unXOR will search a XORed file and try to guess the key using known-plaintext attacks.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
__init__.py Importable as a module Mar 4, 2013



This tool will search through an XOR-encoded file (binary, text-file, whatever) and use known-plaintext attacks to deduce the original keystream. Works on keys half as long as the known-plaintext, in linear complexity.

The code is pretty straightforward

For more details and a short explanation of the theory behind this, please refer to:

Related Work

unXOR is included in Lenny Zeltser's REMnux, along with other great tools such as XORStrings, ex_pe_xor, XORSearch, brutexor/iheartxor, xortool, NoMoreXOR, XORBruteForcer, Balbuzard


unXOR (C) 2014 Thomas Chopitea

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.