Read Before Trying To Make a Crypter

Before asking how to code a crypter, please read these. There are so many tutorials and guides online, and the only thing you are looking for here by asking how to code a crypter is a shortcut.
There isn't one, except copy & paste. If you weren't looking for a shortcut on programming a crypter, then your research skills are lacking.

Add Section and Import Function Manually
Link: http://tuts4you.com/download.php?view.1569

Adding a Section in PE
Link: http://tuts4you.com/download.php?view.527

Adding Sections
Link: http://tuts4you.com/download.php?view.225

Advanced PE Image Rebuilding
Link: http://tuts4you.com/download.php?view.226

An In-Depth Look into the Win32 PE File Format
Link: http://tuts4you.com/download.php?view.228

PE Brief Notes
Link: http://tuts4you.com/download.php?view.232

PE File Structure
Link: http://tuts4you.com/download.php?view.238

PE101 - A Windows Executable Walkthrough
Link: http://tuts4you.com/download.php?view.3321

PE102 - A Windows Executable Format Overview
Link: http://tuts4you.com/download.php?view.3502

The PE File Format
Link: http://tuts4you.com/download.php?view.241

The PE Format
Link: http://tuts4you.com/download.php?view.3085

The PE Header
Link: http://tuts4you.com/download.php?view.240

The Portable Executable File Format
Link: http://tuts4you.com/download.php?view.2892

Visualizations of the Portable Executable File Format
Link: http://tuts4you.com/download.php?view.3380

Win32 Resource File Format
Link: http://tuts4you.com/download.php?view.242

Understanding Windows Shellcode
Link: http://tuts4you.com/download.php?view.1237

Binary Code Obfuscation Through C++ Template Meta-Programming
Link: http://tuts4you.com/download.php?view.3423

Mimimorphism: A New Approach to Binary Code Obfuscation
Link: http://tuts4you.com/download.php?view.3027

On Entropy Measures for Code Obfuscation
Link: http://tuts4you.com/download.php?view.3370

Advanced Encryption Standard by Example
Link: http://tuts4you.com/download.php?view.167

Anti-Unpacker Tricks 1
Link: http://tuts4you.com/download.php?view.2277

Anti-Unpacker Tricks 2 - Part 1
Link: http://tuts4you.com/download.php?view.2544

Anti-Unpacker Tricks 2 - Part 2
Link: http://tuts4you.com/download.php?view.2630

Anti-Unpacker Tricks 2 - Part 3
Link: http://tuts4you.com/download.php?view.2647

Anti-Unpacker Tricks 2 - Part 5
Link: http://tuts4you.com/download.php?view.2702

Anti-Unpacker Tricks 2 - Part 6
Link: http://tuts4you.com/download.php?view.2740

Anti-Unpacker Tricks 2 - Part 8
Link: http://tuts4you.com/download.php?view.2928

Anti-Unpacker Tricks 2 - Part 9
Link: http://tuts4you.com/download.php?view.2940

The Ultimate Anti-Debugging Reference
Link: http://tuts4you.com/download.php?view.3260

Windows Anti-Debug Reference
Link: http://tuts4you.com/download.php?view.1919

Ideas on advanced runtime encryption of .NET Executables
Link: http://www.nullsecurity.net/papers/nulls...rypter.pdf

Implementation of Runtime PE-Crypter
Link: http://www.nullsecurity.net/papers/nulls...slides.pdf

Hyperion: Implementation of a PE-Crypter
Link: http://www.nullsecurity.net/papers/nulls...rypter.pdf

Bypassing Address Space Layout Randomization
Link: http://www.nullsecurity.net/papers/nulls...s-aslr.pdf

Unprotecting the crypter - a generic approach
Link: http://www.exploit-db.com/wp-content/themes/exploit/docs/18242.pdf

Crypter Theory Part 1 - The DOS MZ Header
Link: http://nn-fraktion.blogspot.com/2013/01/...eader.html

Crypter Theory Part 2 - PE Header 1/2
Link: http://nn-fraktion.blogspot.fi/2013/01/c...er-12.html

PE File Features in Detection of Packed Executables
Link: http://www.ijcte.org/papers/512-S10014.pdf

Antivirus evasion techniques show ease in avoiding antivirus detection
Link: http://searchsecurity.techtarget.com/fea...-detection

Anti-virus Evasion Techniques
Link: http://dl.packetstormsecurity.net/papers...avevasion-techniques.pdf

Anti-Virus Evasion: A Peek Under the Veil
Link: http://pen-testing.sans.org/blog/2013/07...r-the-veil

Advanced Metamorphic Techniques in Computer Viruses
Link: http://download.adamas.ai/dlbase/Stuff/V...apb01.html

"DELAYED CODE" technology (version 1.1)
Link: http://download.adamas.ai/dlbase/Stuff/V...vzo23.html

"Do polymorphism" tutorial
Link: http://download.adamas.ai/dlbase/Stuff/V...vwm01.html

Advanced Polymorphism Primer
Link: http://download.adamas.ai/dlbase/Stuff/V...vda01.html

Advanced polymorphic engine construction
Link: http://download.adamas.ai/dlbase/Stuff/V...vmd03.html

Analysis of the "Offensive Polymorphic Engine v2"
Link: http://download.adamas.ai/dlbase/Stuff/V...val00.html

Stealth API-based decryptor
Link: http://download.adamas.ai/dlbase/Stuff/V...vkz00.html

About undetectable viruses
Link: http://download.adamas.ai/dlbase/Stuff/V...vzo69.html

Some stealth idea's
Link: http://download.adamas.ai/dlbase/Stuff/V...vdi07.html

Some New Ideas for Future Viruses
Link: http://download.adamas.ai/dlbase/Stuff/V...val02.html

Automated reverse engineering: Mistfall engine
Link: http://download.adamas.ai/dlbase/Stuff/V...vzo21.html

Anti AV Techniques For Batch
Link: http://download.adamas.ai/dlbase/Stuff/V...vcg00.html

Anti heuristic techniques
Link: http://download.adamas.ai/dlbase/Stuff/V...vbj01.html

Anti Virus Detection Strategies and how to overcome them
Link: http://download.adamas.ai/dlbase/Stuff/V...vtd02.html

ANTI-Anti-Virus Tricks Version 1.00
Link: http://download.adamas.ai/dlbase/Stuff/V...vmx01.html

Anti-Debugger & Anti-Emulator Lair
Link: http://download.adamas.ai/dlbase/Stuff/V...vlj03.html

Anti-debugging in Win32
Link: http://download.adamas.ai/dlbase/Stuff/V...vlj05.html

The Anti-Virus Cook Book v1.5
Link: http://download.adamas.ai/dlbase/Stuff/V...akw00.html

The Anti-Virus Strategy System
Link: http://download.adamas.ai/dlbase/Stuff/V...asg08.html

Antivirus Software Testing for the New Millenium
Link: http://download.adamas.ai/dlbase/Stuff/V...asg15.html

A Taxonomy of Obfuscating Transformations
Link: https://tuts4you.com/download.php?view.3421

A Tool Kit for Code Obfuscation
Link: https://tuts4you.com/download.php?view.2916

Application Security through Program Obfuscation
Link: https://tuts4you.com/download.php?view.3131

Applied Binary Code Obfuscation
Link: https://tuts4you.com/download.php?view.2979

Array Data Transformation for Source Code
Link: https://tuts4you.com/download.php?view.2901

Automatic Binary Deobfuscation
Link: https://tuts4you.com/download.php?view.2978

Basing Obfuscation on Simple Tamper-Proof Hardware Assumptions
Link: https://tuts4you.com/download.php?view.3452

Code Obfuscation and Lighty Compressor Unpacking
Link: https://tuts4you.com/download.php?view.3235

Control Code Obfuscation by Abstract Interpretation
Link: https://tuts4you.com/download.php?view.3372

Exception Handling to Build Code Obfuscation Techniques
Link: https://tuts4you.com/download.php?view.2910

Mimimorphism: A New Approach to Binary Code Obfuscation
Link: https://tuts4you.com/download.php?view.3027

Practical Obfuscating Programs
Link: https://tuts4you.com/download.php?view.2904

Program Obfuscation
Link: https://tuts4you.com/download.php?view.2903

Using Optimization Algorithms for Malware Deobfuscation
Link: https://tuts4you.com/download.php?view.2971

HTG Explains: How Antivirus Software Works
Link: http://www.howtogeek.com/125650/htg-expl...are-works/

Antivirus software
Link: http://en.wikipedia.org/wiki/Antivirus_software

How Antivirus Programs Work
Link: http://www.dummies.com/how-to/content/ho...-work.html

How Antivirus works
Link: http://www.engineersgarage.com/mygarage/...irus-works

How antivirus software works: Virus detection techniques
Link: http://searchsecurity.techtarget.com/tip...techniques

How a Cloud Antivirus Works
Link: http://computer.howstuffworks.com/cloud-...ivirus.htm

Binary Obfuscation Using Signals
Link: https://www.cs.arizona.edu/solar/papers/obf-signal.pdf

Binary-Code Obfuscations in Prevalent Packer Tools
Link: ftp://ftp.cs.wisc.edu/paradyn/papers/Rou...ackers.pdf

Obfuscation: Malware’s best friend
Link: http://blog.malwarebytes.org/intelligenc...st-friend/

An Anti-Reverse Engineering Guide
Link: http://www.codeproject.com/Articles/3081...ring-Guide

Clever tricks against antiviruses
Link: http://x-n2o.net/clever-tricks-against-antiviruses

Win32 Equivalents for C Run-Time Functions
Link: http://support.microsoft.com/default.asp...-US;q99456

How to write a simple packer using C language (download)
Link: https://mega.co.nz/#!pxF3DJ5S!S4CnHTKxrc...wjkuhjz7BI

About AV-Checker
Link: http://vxheavens.com/lib/vpr03.html

Dynamic Analysis .. What is it and how to defeat it?!
Link: http://vxheavens.com/lib/vmo03.html

"Smart" trash: building of logic
Link: http://vxheavens.com/lib/vpo01.html

Code Mutations via Behaviour Analysis
Link: http://vxheavens.com/lib/vsp27.html

Heaven's Gate: 64-bit code in 32-bit file
Link: http://vxheavens.com/lib/vrg16.html

PE Infector
Link: http://marcoramilli.blogspot.fi/2011/03/...ector.html

Evolution of Computer Virus Concealment and Anti-Virus Techniques: A Short Survey
Link: http://arxiv.org/ftp/arxiv/papers/1104/1104.1070.pdf

Hunting for Metamorphic Engines
Link: http://vxheavens.com/lib/pdf/Hunting f...ngines.pdf

Using Entropy Analysis to Find Encrypted and Packed Malware
Link: http://virii.es/U/Using Entropy Anal...alware.pdf

RtlQueryProcessHeapInformation As Anti-Dbg Trick
Link: http://evilcodecave.wordpress.com/2009/04/

Windows Anti-Debug Reference
Link: http://www.symantec.com/connect/articles...-reference

Debuggers Anti-Attaching Techniques - Part 1
Link: http://waleedassar.blogspot.com.br/2011/...iques.html

Metamorphic Programming
Link: https://beardocs.baylor.edu/xmlui/bitstr...sequence=1

The Shellcoder's Handbook
Link: http://files.xakep.biz/books/Wiley.The.S...g.2007.pdf

Hyperion: Implementation of a PE-Crypter
Link: http://www.exploit-db.com/wp-content/the.../18849.pdf

Bypassing Anti-Virus Scanners
Link: http://dl.packetstormsecurity.net/papers...ing-av.pdf

PE Infection Strategies
Link: https://evilzone.org/tutorials/(paper%...trategies/

Anti-Emulation Through Time-Lock Puzzles
Link: https://tuts4you.com/download.php?view.2348

Generate small binaries using Visual Studio
Link: http://thelegendofrandom.com/blog/archives/2231

Search for more, examples of sentences & keywords:

In depth look into binary obfuscation
In depth look into windows pe file
How malware works
How antivirus works
In depth look into pe resource files
How binary obfuscation works
Explanation of PE sections
How antivirus pattern matching works
PE Infection Strategies
How antivirus detects virus
Why malware is undetectable
Code injection using SetWindowsHookEx
Code Injection modifying the Main Thread
Antivirus runtime detection
Windows dynamic forking
Windows process hollowing
C++ codecave injection
Codecave Injection using CreateRemoteThread
Windows malware explained
C++ dynamic api calling
Compile time polymorphism
C++ variadic templates

Special links!

Link: http://google.com
Link: http://msdn.microsoft.com

Useful Tools:

CFF Explorer
Link: http://www.ntcore.com/exsuite.php

HxD
Link: http://mh-nexus.de/en/hxd/

Resource Hacker
Link: http://www.angusj.com/resourcehacker/

OllyDbg
Link: http://www.ollydbg.de/

Sources to study
Note: Password for all archives is 'qmz'

Krypton 7.1 Crypter

Description:
-Morph icons
-Junk generator
-Initial handler + Morpher + STUB
You need:
-Visual Studio 2010 and Visual Assist X 10.7 (place after installing vstudio)
-The file on the crypts should be located in your bin directory.

Features:
1. Console interface
2. Polymorph
3. Garbage code, garbage, trash section
4. Normalize the entropy on output
5. Built-in compression
6. Packer linker input file is automatically determined. The decision to use
some compression is automatically accepted on the basis of several factors:
- Was a packer at the entrance
- The degree of compression
- Entropy
7. Overlay support
8. Support command line arguments;
9. Ability to "noise" icons
10. Randomly size output or within the specified limits
11. Two types of antiemulation + VM + antidebugging
12. A lot more, complex source

Download the source


Source - Polymorphic engine + micro assembler

Link: http://www.mpgh.net/forum/31-c-c-program...mbler.html

Source - Metamorphic Obfuscator
Link: http://www.mpgh.net/forum/31-c-c-program...cator.html

Source - Several anti-debugging, anti-disassembly and anti-virtualization techniques
Link: https://github.com/rrbranco/blackhat2012...amples.cpp

API hashing compile-time (Credits: karcrack)
CryptAPI.hpp:
Link: http://pastebin.com/Cn7PQDMu

Example usage, main.cpp:
Link: http://pastebin.com/pvTZ7bTM

Template for automatically obfuscating code for every build you make(C++11)
Link: http://pastebin.com/nV4sqnaa

More Tutorial Video


Source : Hackforum
 
Reeeally, this is worth quietly reading through :D
 