ed224188f7
- Researching how to insert a safe stub to handle detections for anti-debugging and troll attempts as part of the TrollReversers feature. - Currently, it only inserts a "Hello World" MessageBox in each procedure indicated to Ryujin. - This stub is completely safe and does not break the original code logic or flow. It can be fully mutated and obfuscated when reanalyzing opcodes, making it fully compatible with all Ryujin features simultaneously.
Ryūjin Protector
Ryūjin Protector is an open-source Bin2Bin obfuscation, protection, and DRM tool for Windows PE binaries targeting the Intel x64 architecture(Only).
Features
- Junk Code Insertion + Code Mutation (Fully randomic without breaking the original logic)
- IAT Call Access Obfuscation(With obfuscated handlers access)
- Random Section naming(Default name: Ryujin)
- Mathematical Operators Virtualization(aka: Ryūjin MiniVM)
- Obfuscated code Encryption(Using TeaDelKew Algorithm)
- Anti-Debug User + Kernel(Planned)
- Anti-Dump(Planned)
- Anti-Disassembly(Planned)
- Troll Reversers(Exclusive Planned)
Goals
Ryūjin was designed and developed for the study of obfuscators with Bin2Bin capabilities, making it a viable project for use by third parties as well as serious information security students. This includes: Commercial Developers, Indie Developers/Cheat Developers, Anti-Cheat Developers, Malware Developers, Malware Analysts, and Security Researchers.
A Simple Comparison on a "main" function. before and after applying Ryūjin:
This is only a small demo with only one Ryūjin feature, others feature together produce a better result.
Getting Started
GITHUB_WIKI_URL