Skip to content

gemesa/phantom-pass

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

107 Commits
.github/workflows
.github/workflows
 
 
docs
docs
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

phantom-pass

Phantom pass is a collection of LLVM IR and machine code level obfuscation passes. The techniques are either extracted from reversed malware samples (e.g. Mirai and Hancitor) or obtained via OSINT. The passes are primarily intended for AArch64, but some also work on other architectures.

The documentation can be found here.

How to build and run the passes

$ make

How to run the executables

$ make run

About

LLVM based code obfuscator passes

shadowshell.io/phantom-pass/

Topics

obfuscation compiler llvm obfuscator llvm-ir anti-reversing llvm-pass obfuscation-tool anti-reverse-engineering

Resources

Readme

License

Apache-2.0 license
Activity

Stars

7 stars

Watchers

0 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages