dEEpEst Posted October 17, 2023 Share Posted October 17, 2023 Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable. With ProtectMyTooling you can quickly obfuscate your binaries without having to worry about clicking through all the Dialogs, interfaces, menus, creating projects to obfuscate a single binary, clicking through all the options available and wasting time about all that nonsense. It takes you straight to the point - to obfuscate your tool. Aim is to offer the most convenient interface possible and allow to leverage a daisy-chain of multiple packers combined on a single binary. That's right - we can launch ProtectMyTooling with several packers at once: This is the hidden content, please Sign In or Sign Up The above example will firstly pass mimikatz.exe to the Hyperion for obfuscation, and then the result will be provided to UPX for compression. Resulting with UPX(Hyperion(file)) Features Supports multiple different PE Packers, .NET Obfuscators, Shellcode Loaders/Builders Allows daisy-chaining packers where output from a packer is passed to the consecutive one: callobf,hyperion,upx will produce artifact UPX(Hyperion(CallObf(file))) Collects IOCs at every obfuscation step so that auditing & Blue Team requests can be satisfied Offers functionality to inject custom Watermarks to resulting PE artifacts - in DOS Stub, Checksum, as a standalone PE Section, to file's Overlay Comes up with a handy Cobalt Strike aggressor script bringing protected-upload and protected-execute-assembly commands Straightforward command line usage Installation This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts