Awesome
Obfuscator-LLVM-16.0
Quick Usage
Get the Docker image and run:
docker pull ghcr.io/joaovarelas/obfuscator-llvm-16.0:latest
docker run -v /path/to/cargo/proj:/projects/ -it <image-id> /bin/bash
# target windows
cargo rustc --target x86_64-pc-windows-gnu --release -- -Cdebuginfo=0 -Cstrip=symbols -Cpanic=abort -Copt-level=3 -Cllvm-args=-enable-allobf
# target linux
cargo rustc --target x86_64-unknown-linux-gnu --release -- -Cdebuginfo=0 -Cstrip=symbols -Cpanic=abort -Copt-level=3 -Cllvm-args=-enable-allobf
Compiled binaries will be placed at ./target
directory.
Available OLLVM Features
Current Rust OLLVM is based on Hikari which has the following features:
-
Anti Class Dump:
-enable-acdobf
-
Anti Hooking:
-enable-antihook
-
Anti Debug:
-enable-adb
-
Bogus Control Flow:
-enable-bcfobf
-
(*) Control Flow Flattening:
-enable-cffobf
-
Basic Block Splitting:
-enable-splitobf
-
Instruction Substitution:
-enable-subobf
-
Function CallSite Obf:
-enable-fco
-
(*) String Encryption:
-enable-strcry
-
Constant Encryption:
-enable-constenc
-
(*) Indirect Branching:
-enable-indibran
-
(*) Function Wrapper:
-enable-funcwra
-
Enable ALL of the above:
-enable-allobf
(not going to work and you'll probably run out of memory)
* not working
Development
TO-DO