1
  1. Этот сайт использует файлы cookie. Продолжая пользоваться данным сайтом, Вы соглашаетесь на использование нами Ваших файлов cookie. Узнать больше.
Приветствуем вас,Гость, на форуме IFUD.WS. Обязательно рекомендуется к прочтению правила форума http://ifud.ws/threads/obnovleno-pravila-foruma.7759

Read Before Try To Making Crypter

Тема в разделе "Помощь по программированию", создана пользователем F.I.G.H.T.E.R, 30 мар 2014.

  1. TopicStarter Overlay
    F.I.G.H.T.E.R

    F.I.G.H.T.E.R

    Регистрация:
    14 дек 2013
    Сообщения:
    272
    Симпатии:
    822
    Read Before Try To Making Crypter

    Before asking how to code a crypter, please read these. There are so many tutorials & guides online and only thing what you are looking from here by asking how to code a crypter is a shortcut.
    There isn't one, except copy & paste. If you weren't looking for a shortcut on programming a crypter, then your researching skills lacks.

    Add Section and Import Function Manually
    Link: Please login or register to view links

    Adding a Section in PE
    Link: Please login or register to view links

    Adding Sections
    Link: Please login or register to view links

    Advanced PE Image Rebuilding
    Link: Please login or register to view links

    An In-Depth Look into the Win32 PE File Format
    Link: Please login or register to view links

    PE Brief Notes
    Link: Please login or register to view links

    PE File Structure
    Link: Please login or register to view links

    PE101 - A Windows Executable Walkthrough
    Link: Please login or register to view links

    PE102 - A Windows Executable Format Overview
    Link: Please login or register to view links

    The PE File Format
    Link: Please login or register to view links

    The PE Format
    Link: Please login or register to view links

    The PE Header
    Link: Please login or register to view links

    The Portable Executable File Format
    Link: Please login or register to view links

    Visualizations of the Portable Executable File Format
    Link: Please login or register to view links

    Win32 Resource File Format
    Link: Please login or register to view links

    Understanding Windows Shellcode
    Link: Please login or register to view links

    Binary Code Obfuscation Through C++ Template Meta-Programming
    Link: Please login or register to view links

    Mimimorphism: A New Approach to Binary Code Obfuscation
    Link: Please login or register to view links

    On Entropy Measures for Code Obfuscation
    Link: Please login or register to view links

    Advanced Encryption Standard by Example
    Link: Please login or register to view links

    Anti-Unpacker Tricks 1
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 1
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 2
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 3
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 5
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 6
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 8
    Link: Please login or register to view links

    Anti-Unpacker Tricks 2 - Part 9
    Link: Please login or register to view links

    The Ultimate Anti-Debugging Reference
    Link: Please login or register to view links

    Windows Anti-Debug Reference

    Link: Please login or register to view links

    Ideas on advanced runtime encryption of .NET Executables
    Link: Please login or register to view links

    Implementation of Runtime PE-Crypter
    Link: Please login or register to view links

    Hyperion: Implementation of a PE-Crypter
    Link: Please login or register to view links

    Bypassing Address Space Layout Randomization
    Link: Please login or register to view links

    Unprotecting the crypter - a generic approach
    Link: Please login or register to view links
    content/themes/exploit/docs/18242.pdf

    Crypter Theory Part 1 - The DOS MZ Header
    Link: Please login or register to view links

    Crypter Theory Part 2 - PE Header 1/2
    Link: Please login or register to view links

    PE File Features in Detection of Packed Executables
    Link: Please login or register to view links

    Antivirus evasion techniques show ease in avoiding antivirus detection
    Link: Please login or register to view links

    Anti-virus Evasion Techniques
    Link: Please login or register to view links
    techniques.pdf

    Anti-Virus Evasion: A Peek Under the Veil
    Link: Please login or register to view links

    Advanced Metamorphic Techniques in Computer Viruses
    Link: Please login or register to view links

    "DELAYED CODE" technology (version 1.1)
    Link: Please login or register to view links

    "Do polymorphism" tutorial
    Link: Please login or register to view links

    Advanced Polymorphism Primer
    Link: Please login or register to view links

    Advanced polymorphic engine construction
    Link: Please login or register to view links

    Analysis of the "Offensive Polymorphic Engine v2"
    Link: Please login or register to view links

    Stealth API-based decryptor
    Link: Please login or register to view links

    About undetectable viruses
    Link: Please login or register to view links

    Some stealth idea's
    Link: Please login or register to view links

    Some New Ideas for Future Viruses

    Link: Please login or register to view links

    Automated reverse engineering: Mistfall engine
    Link: Please login or register to view links

    Anti AV Techniques For Batch
    Link: Please login or register to view links

    Anti heuristic techniques
    Link: Please login or register to view links

    Anti Virus Detection Strategies and how to overcome them
    Link: Please login or register to view links

    ANTI-Anti-Virus Tricks Version 1.00
    Link: Please login or register to view links

    Anti-Debugger & Anti-Emulator Lair

    Link: Please login or register to view links

    Anti-debugging in Win32
    Link: Please login or register to view links

    The Anti-Virus Cook Book v1.5
    Link: Please login or register to view links

    The Anti-Virus Strategy System
    Link: Please login or register to view links

    Antivirus Software Testing for the New Millenium
    Link: Please login or register to view links

    A Taxonomy of Obfuscating Transformations
    Link: Please login or register to view links

    A Tool Kit for Code Obfuscation
    Link: Please login or register to view links

    Application Security through Program Obfuscation
    Link: Please login or register to view links

    Applied Binary Code Obfuscation
    Link: Please login or register to view links

    Array Data Transformation for Source Code
    Link: Please login or register to view links

    Automatic Binary Deobfuscation
    Link: Please login or register to view links

    Basing Obfuscation on Simple Tamper-Proof Hardware Assumptions
    Link: Please login or register to view links

    Code Obfuscation and Lighty Compressor Unpacking
    Link: Please login or register to view links

    Control Code Obfuscation by Abstract Interpretation
    Link: Please login or register to view links

    Exception Handling to Build Code Obfuscation Techniques
    Link: Please login or register to view links

    Mimimorphism: A New Approach to Binary Code Obfuscation
    Link: Please login or register to view links

    Practical Obfuscating Programs

    Link: Please login or register to view links

    Program Obfuscation
    Link: Please login or register to view links

    Using Optimization Algorithms for Malware Deobfuscation
    Link: Please login or register to view links

    HTG Explains: How Antivirus Software Works
    Link: Please login or register to view links

    Antivirus software
    Link: Please login or register to view links

    How Antivirus Programs Work
    Link: Please login or register to view links

    How Antivirus works
    Link: Please login or register to view links

    How antivirus software works: Virus detection techniques
    Link: Please login or register to view links

    How a Cloud Antivirus Works
    Link: Please login or register to view links

    Binary Obfuscation Using Signals
    Link: Please login or register to view links

    Binary-Code Obfuscations in Prevalent Packer Tools
    Link: Please login or register to view links

    Obfuscation: Malware’s best friend
    Link: Please login or register to view links

    An Anti-Reverse Engineering Guide
    Link: Please login or register to view links

    Clever tricks against antiviruses
    Link: Please login or register to view links

    Win32 Equivalents for C Run-Time Functions

    Link: Please login or register to view links

    How to write a simple packer using C language (download)
    Link: Please login or register to view links

    About AV-Checker
    Link: Please login or register to view links

    Dynamic Analysis .. What is it and how to defeat it?!
    Link: Please login or register to view links

    "Smart" trash: building of logic
    Link: Please login or register to view links

    Code Mutations via Behaviour Analysis
    Link: Please login or register to view links

    Heaven's Gate: 64-bit code in 32-bit file
    Link: Please login or register to view links

    PE Infector
    Link: Please login or register to view links

    Evolution of Computer Virus Concealment and Anti-Virus
    Techniques: A Short Survey

    Link: Please login or register to view links

    Hunting for Metamorphic Engines
    Link: Please login or register to view links

    Using Entropy Analysis to Find Encrypted and Packed Malware
    Link: Please login or register to view links

    RtlQueryProcessHeapInformation As Anti-Dbg Trick
    Link: Please login or register to view links

    Windows Anti-Debug Reference
    Link: Please login or register to view links

    Debuggers Anti-Attaching Techniques - Part 1
    Link: Please login or register to view links

    Metemorphic Programming
    Link: Please login or register to view links

    The Shellcoder's Handbook
    Link: Please login or register to view links

    Hyperion: Implementation of a PE-Crypter
    Link: Please login or register to view links

    Bypassing Anti-Virus Scanners
    Link: Please login or register to view links

    PE Infection Strategies
    Link: Please login or register to view links

    Anti-Emulation Through Time-Lock Puzzles
    Link: Please login or register to view links

    Generate small binaries using Visual Studio
    Link: Please login or register to view links

    Search for more, examples of sentences & keywords:

    In depth look into binary obfuscation
    In depth look into windows pe file
    How malware works
    How antivirus works
    In depth look into pe resource files
    How binary obfuscation works
    Explanation of PE sections
    How antivirus pattern matching works
    PE Infection Strategies
    How antivirus detects virus
    Why malware is undetectable
    Code injection using SetWindowsHookEx
    Code Injection modifying the Main Thread
    Antivirus runtime detection
    Windows dynamic forking
    Windows process hollowing
    C++ codecave injection
    Codecave Injection using CreateRemoteThread
    Windows malware explained
    C++ dynamic api calling
    Compile time polymorphism
    C++ variadic templates

    Special links!

    Link: Please login or register to view links
    Link: Please login or register to view links

    Useful Tools :

    CFF Explorer
    Link: Please login or register to view links

    HxD

    Link: Please login or register to view links

    Resource Hacker
    Link: Please login or register to view links

    OllyDbg

    Link: Please login or register to view links

    Sources to study
    Note: Password for all archives is 'qmz'

    Krypton 7.1 Crypter

    Description:
    -Morph icons
    -Junk generator
    -Initial handler + Morpher + STUB
    You need:
    -Visual Studio 2010 and Visual Assist X 10.7(place after installing vstudio)
    -The file on the crypts should be located in your bin directory.

    Features:
    1. Console interface
    2. Polymorph
    3. Garbage code, garbage, trash section
    4. Normalize the entropy on output
    5. Built-in compression
    6. Packer linker input file is automatically determined. The decision to use
    some compression is automatically accepted on the basis of several factors:
    - Was a packer at the entrance
    - The degree of compression
    - Entropy
    7. Overlay support
    8. Support command line arguments;
    9. Ability to "noise" icons
    10. Randomly size output or within the specified limits
    11.Two types of antiemulation + VM + antidebugging
    12. A lot more, complex source

    Please login or register to view links


    Source - Polymorphic engine + micro assembler

    Link: Please login or register to view links

    Source - Metamorphic Obfuscator
    Link: Please login or register to view links

    Source - Several anti-debugging, anti-disassembly and anti-virtualization techniques
    Link: Please login or register to view links

    API hashing compile-time (Credits: karcrack)
    CryptAPI.hpp:

    Link: Please login or register to view links

    Example usage, main.cpp:
    Link: Please login or register to view links

    Template for automatically obfuscating code for every build you make(C++11)
    Link: Please login or register to view links

    More Tutorial Video



    Source : Hackforum
     
    • Like Like x 5
    Метки:
  2. googie

    googie Команда форума

    Регистрация:
    27 июл 2012
    Сообщения:
    824
    Симпатии:
    616
    Воооообще по тихой читануть-то нужно:D
     

Поделиться этой страницей

Загрузка...