برامج مساعدة في فك التشفيرDeobfucations

[tenzensow]

---

Reverse XOR and other code obfuscation methods.

https://bitbucket.org/decalage/balbuzard/wiki/Home]Balbuzard

 - A malware analysis tool for reversing obfuscation (XOR, ROL, etc) and more.

https://github.com/0xd4d/de4dot]de4dot

 - .NET deobfuscator and unpacker.

http://hooked-on-mnemonics.blogspot.com/2014/04/expexorpy.html]ex_pe_xor

 & 

http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html]iheartxor

 - Two tools from Alexander Hanel for working with single-byte XOR encoded files.

https://github.com/fireeye/flare-floss]FLOSS

 - The FireEye Labs Obfuscated String Solver uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries.

https://github.com/hiddenillusion/NoMoreXOR]NoMoreXOR

 - Guess a 256 byte XOR key using frequency analysis.

https://github.com/BromiumLabs/PackerAttacker]PackerAttacker

 - A generic hidden code extractor for Windows malware.

https://github.com/unipacker/unipacker]un{i}packer

 - Automatic and platform-independent unpacker for Windows binaries based on emulation.

https://github.com/malwaremusings/unpacker/]unpacker

 - Automated malware unpacker for Windows malware based on WinAppDbg.

https://github.com/tomchop/unxor/]unxor

 - Guess XOR keys using known-plaintext attacks.

https://github.com/jnraber/VirtualDeobfuscator]VirtualDeobfuscator

 - Reverse engineering tool for virtualization wrappers.

http://eternal-todo.com/var/scripts/xorbruteforcer]XORBruteForcer

 - A Python script for brute forcing single-byte XOR keys.

https://blog.didierstevens.com/programs/xorsearch/]XORSearch & XORStrings

 - A couple programs from Didier Stevens for finding XORed data.

https://github.com/hellman/xortool]xortool

 - Guess XOR key length, as well as the key itself.