de4py - toolkit for python reverse engineering
https://github.com/Fadi002/de4py/raw/main/Pictures/de4py.jpg
De4py is an advanced Python deobfuscator with a beautiful UI and a set of advanced features that enables malware analysts and reverse engineers to deobfuscate Python files and more.
Feature | Function
Deobfuscation | De4py supports some popular obfuscators, such as Jawbreaker, BlankOBF, PlusOBF, Wodx, Hyperion, and the pyobfuscate.com obfuscator.
Pycode Execution | Executes your Python code inside the process, which can be useful in many cases to make the program do something you want it to do. For example, if the program has licensing and calls the real "main" only if you bought the program, you can call it directly.
Strings Dump | Dumps strings in the Python process and saves them to a file, which can be pretty useful for extracting data from memory, such as webhooks.
Removing Exit Function | Removes the exit function, which can be extremely useful if the Python program tries to exit when it finds a debugger or a VM.
Getting All Functions | Gets all functions inside the Python process, which can be really useful when trying to modify a Python function in memory.
Pyshell GUI | Custom GUI to make it easy to execute Python code inside the desired process.
GUI and Console Support | De4py supports both console and GUI, but why use the console when you can have a nice-on-the-eyes GUI, am I right? ;)
File Analyzer | An analyzer that has many features, like detecting whether the Python program is packed and trying to unpack it if it was using pyinstaller, for example. It also has a feature that shows either all strings or suspicious strings (such as IPs, websites, and "token", "discord", "leveldb" and other suspicious strings in the file) in a nice output window.
Behavior Monitoring | De4py can monitor Python processes and see if they opened any file handles, opened a process, or wrote/read the memory of other processes, and also monitors whether the process terminated other processes, in addition to socket monitoring (including the size of the data being sent and the IP it is being sent to/received from), along with dumping socket content to a file and dumping OpenSSL encrypted content, decrypted, into a file.
Plugins system | You can add plugins to de4py to customize the theme or add custom deobfuscators. Plugins repo and docs here
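Download: https://github.com/Fadi002/de4py/releases
Translation: De4py is a powerful Python deobfuscator with a beautiful UI and many advanced features that can help virus analysts and reverse engineers deobfuscate Python files and more.
The rest is too long; machine translation is recommended.

My blood pressure is rising.
Switch to a different image host, this one loads really slowly.
Huorong flagged it as a virus.
Marking this; I'll take a look when I have time.
Thanks for sharing.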