Navigating the maze of binary obfuscation? Meet the “Donut-Decryptor”, a tool tailored to decode the elusive Donut obfuscation. Dive in to unravel its capabilities and bring clarity to concealed code.
Beyond mere decryption, it’s a spotlight in the shadowy corridors of cybersecurity. A must-have for those battling coded enigmas.
A configuration and module extractor for the donut binary obfuscator.
donut-decryptor
checks file(s) for known signatures of the donut obfuscator’s loader shellcode.
If located, it will parse the shellcode to locate, decrypt, and extract the DONUT_INSTANCE
structure embedded in the binary, and report pertinent configuration data.
If a DONUT_MODULE
is present in the binary it is decrypted and dumped to disk.
donut-decryptor
currently requires the separate installation of the chaskey-lts module.
You can install donut-decryptor
for usage by navigating to the root directory of the project and using pip:
cd /path/to/donut-decryptor
python -m pip install .
Following installation, a command-line script is available. For usage instructions use:
donut-decryptor --help
The files present in the samples
directory are 7z files password protected using the password `infected“, all of which contain donuts which can be decoded using this script.
bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. BeVigil…
Explore the comprehensive world of Open-Source Intelligence (OSINT) with our curated list of active links…
BBOT (Bighuge BLS OSINT Tool) is a recursive internet scanner inspired by Spiderfoot, but designed to…
Andriller - is software utility with a collection of forensic tools for smartphones. It performs…
Designed as a full-stack web application, this tool amalgamates a plethora of services to streamline…
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything…