Crypter ProtectMyTooling

[dEEpEst]

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.

With ProtectMyTooling you can quickly obfuscate your binaries without having to worry about clicking through all the Dialogs, interfaces, menus, creating projects to obfuscate a single binary, clicking through all the options available and wasting time about all that nonsense. It takes you straight to the point - to obfuscate your tool.

Aim is to offer the most convenient interface possible and allow to leverage a daisy-chain of multiple packers combined on a single binary.

That's right - we can launch ProtectMyTooling with several packers at once:

C:\> py ProtectMyTooling.py hyperion,upx mimikatz.exe mimikatz-obf.exe


The above example will firstly pass mimikatz.exe to the Hyperion for obfuscation, and then the result will be provided to UPX for compression. Resulting with UPX(Hyperion(file))

Features

• Supports multiple different PE Packers, .NET Obfuscators, Shellcode Loaders/Builders
  
• Allows daisy-chaining packers where output from a packer is passed to the consecutive one: callobf,hyperion,upx will produce artifact UPX(Hyperion(CallObf(file)))
  
• Collects IOCs at every obfuscation step so that auditing & Blue Team requests can be satisfied
  
• Offers functionality to inject custom Watermarks to resulting PE artifacts - in DOS Stub, Checksum, as a standalone PE Section, to file's Overlay
  
• Comes up with a handy Cobalt Strike aggressor script bringing protected-upload and protected-execute-assembly commands
  
• Straightforward command line usage
  

Installation 

To see this hidden content, you must like this content.