Tag: obfuscation

VBScrambler – A Python-Based VBScript Code Obfuscator

VBScrambler is a Python based VBScript code obfuscator which essentially takes VBScript as a form of input, either file or inline code, and provides an obfuscated VBScript one liner as output. The obfuscation works by taking the original VBScript, performing…

May 8, 2024
Deobfuscating PowerShell Code Using Sublime Text

When we think of malware analysis, especially when it comes to the analysis of malicious scripts, we generally don’t think of our noble text editors of anything but… well, text editors. While there are many ways of deobfuscating PowerShell and…

February 14, 2024
Reordered Format String Deobfuscator

This script simply deobfuscates obfuscated PowerShell files or commands which leverage “Format String Reordering” in order to hide its original code. For more information on this obfuscation technique, see: https://www.securonix.com/blog/hiding-the-powershell-execution-flow/ The script has the ability to deobfuscate format strings in an…

February 13, 2024
Invoke-XORfuscation

Generate obfuscated PowerShell commands using XOR logic with random keys. Generate obfuscated PowerShell commands using XOR logic with random keys. Each variable as well as the XOR key is randomly generated. The resulting code is a PowerShell one-liner (or entire…

February 13, 2024
Py-BATCH-Fuscator

Obfuscate or Deobfuscate Batch Scripts using Encoding A set of Python scripts that uses a known method of batch script obfuscation by messing with the encoding. Simply pass in the encode/decode [-e/-d] parameter and file name ending in either .cmd…

February 13, 2024
Invoke-Mathfuscation – GitHub

A quick command line utility that converts individual characters of an input string into char values. It then takes a user-supplied number value and uses it to obfuscate the individual char values. Lastly, it outputs a simple obfuscated one-liner using…

February 13, 2024