Note
If this repository is useful to you in any shape or form, please give it a star.
How it works
This protection works by taking all the assembly instructions in the code section and storing them in a table that is then encrypted. Each instruction is then replaced by a debugger breakpoint. At runtime, the host process debugs the child process and restores the original instructions.
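For triage, the mechanism described above leaves a visible trace: a code section with an unusually high share of breakpoint bytes. The following is an added example, not code from this project; it assumes the breakpoint is the one-byte x86 int3 (0xCC), and the function names and the sample image are constructed for illustration.

```rust
const IMAGE_SCN_MEM_EXECUTE: usize = 0x2000_0000;
const INT3: u8 = 0xCC; // assumption: the breakpoint is the one-byte x86 int3
/// Reads an n-byte little-endian field at offset o, or None if out of bounds.
fn le(b: &[u8], o: usize, n: usize) -> Option<usize> {
    Some(b.get(o..o + n)?.iter().rev().fold(0, |acc, &x| (acc << 8) | x as usize))
}

/// Returns (section name, share of raw bytes equal to 0xCC) for each executable section.
fn int3_density(pe: &[u8]) -> Option<Vec<(String, f64)>> {
    if pe.get(..2)? != b"MZ" { return None; }
    let nt = le(pe, 0x3C, 4)?; // e_lfanew
    if pe.get(nt..nt + 4)? != b"PE\0\0" { return None; }
    let nsec = le(pe, nt + 6, 2)?; // NumberOfSections
    let table = nt + 24 + le(pe, nt + 20, 2)?; // skip the optional header
    let mut out = Vec::new();
    for i in 0..nsec {
        let h = table + i * 40; // each section header is 40 bytes
        if (le(pe, h + 36, 4)? & IMAGE_SCN_MEM_EXECUTE) == 0 { continue; }
        let (size, start) = (le(pe, h + 16, 4)?, le(pe, h + 20, 4)?);
        let raw = pe.get(start..start.checked_add(size)?)?;
        if raw.is_empty() { continue; }
        let name = String::from_utf8_lossy(&pe[h..h + 8]).trim_end_matches('\0').to_string();
        let hits = raw.iter().filter(|&&b| b == INT3).count();
        out.push((name, hits as f64 / raw.len() as f64));
    }
    Some(out)
}

/// Constructed sample: minimal PE image with one executable ".text" section holding `code`.
fn sample_pe(code: &[u8]) -> Vec<u8> {
    let mut pe = vec![0u8; 0x200];
    pe[..2].copy_from_slice(b"MZ");
    pe[0x3C] = 0x80; // e_lfanew
    pe[0x80..0x84].copy_from_slice(b"PE\0\0");
    pe[0x86] = 1; // NumberOfSections; SizeOfOptionalHeader stays 0, so the table is at 0x98
    pe[0x98..0x9D].copy_from_slice(b".text");
    pe[0xA8..0xAC].copy_from_slice(&(code.len() as u32).to_le_bytes()); // SizeOfRawData
    pe[0xAC..0xB0].copy_from_slice(&0x200u32.to_le_bytes()); // PointerToRawData
    pe[0xBC..0xC0].copy_from_slice(&0x6000_0020u32.to_le_bytes()); // CODE|EXECUTE|READ
    pe.extend_from_slice(code);
    pe
}

fn main() {
    let padded: Vec<u8> = (0..1000).map(|i| if i % 20 == 0 { INT3 } else { 0x90 }).collect();
    for code in vec![padded, vec![INT3; 1000]] { // constructed: light padding vs. all int3
        println!("{:?}", int3_density(&sample_pe(&code)));
    }
}
```

MSVC-linked binaries already contain some 0xCC padding between functions, so compare the result against a baseline from known-good builds rather than expecting zero.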
How to use
- Make sure you have Rust installed
- Open it in VS Code or your preferred IDE
- Run cargo run --bin infector -- <file>
- Run cargo build --release --bin runtime
Prerequisites
Setup
- Run cargo run --bin infector -- <file>
- Run cargo build --release --target=x86_64-pc-windows-msvc --bin runtime
Disclaimer
This project is based on https://github.com/melotic/rekk
Contributing
- Fork it
- Create your branch (git checkout -b my-change)
- Commit your changes (git commit -am 'changed something')
- Push to the branch (git push origin my-change)
- Create new pull request