bc265c6d6b
- Started working on the initial concept and base implementation for AntiDebug detection. - The goal is to use stealthy techniques (similar to Themida) to detect debugging attempts. - An additional feature is being developed to troll reverse engineers by triggering a forced BSOD upon detection, causing them to lose their analysis progress.
Ryūjin Protector
Ryūjin Protector is an open-source Bin2Bin obfuscation, protection, and DRM tool for Windows PE binaries targeting the Intel x64 architecture(Only).
Features
- Junk Code Insertion + Code Mutation (Fully randomic without breaking the original logic)
- IAT Call Access Obfuscation(With obfuscated handlers access)
- Random Section naming(Default name: Ryujin)
- Mathematical Operators Virtualization(aka: Ryūjin MiniVM)
- Obfuscated code Encryption(Using TeaDelKew Algorithm)
- Anti-Debug User + Kernel(Planned)
- Anti-Dump(Planned)
- Anti-Disassembly(Planned)
- Troll Reversers(Exclusive Planned)
Goals
Ryūjin was designed and developed for the study of obfuscators with Bin2Bin capabilities, making it a viable project for use by third parties as well as serious information security students. This includes: Commercial Developers, Indie Developers/Cheat Developers, Anti-Cheat Developers, Malware Developers, Malware Analysts, and Security Researchers.
A Simple Comparison on a "main" function. before and after applying Ryūjin:
This is only a small demo with only one Ryūjin feature, others feature together produce a better result.
Getting Started
GITHUB_WIKI_URL