Cyber security

Donut-Decryptor : Unmasking Binary Secrets

Navigating the maze of binary obfuscation? Meet the “Donut-Decryptor”, a tool tailored to decode the elusive Donut obfuscation. Dive in to unravel its capabilities and bring clarity to concealed code.

Beyond mere decryption, it’s a spotlight in the shadowy corridors of cybersecurity. A must-have for those battling coded enigmas.

A configuration and module extractor for the donut binary obfuscator.

Description

donut-decryptor checks file(s) for known signatures of the donut obfuscator’s loader shellcode.

If located, it will parse the shellcode to locate, decrypt, and extract the DONUT_INSTANCE structure embedded in the binary, and report pertinent configuration data.

If a DONUT_MODULE is present in the binary it is decrypted and dumped to disk.

Requirements

donut-decryptor currently requires the separate installation of the chaskey-lts module.

Installation

You can install donut-decryptor for usage by navigating to the root directory of the project and using pip:

cd /path/to/donut-decryptor
python -m pip install .

Following installation, a command-line script is available. For usage instructions use:

donut-decryptor --help

Examples

The files present in the samples directory are 7z files password protected using the password `infected“, all of which contain donuts which can be decoded using this script.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

How OpenClaw Works

Imagine if you had a super-powered assistant who could automatically handle all the boring, repetitive…

2 hours ago

How to Use the Linux find Command to Locate Files Like a Pro

Managing files efficiently is a core skill for anyone working in Linux, whether you're a…

2 days ago

How to Check Open Ports in Linux Using netstat, ss, and lsof

Open ports act as communication endpoints between your Linux system and the outside world. Every…

2 days ago

Best Endpoint Monitoring Tools for 2026

Introduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…

4 days ago

Best 9 Incident Response Automation Tools

Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…

4 days ago

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

2 months ago