Skip to content

vxlang/vxlang-page

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

133 Commits
image
image
 
 
src
src
 
 
vxlang
vxlang
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

VxLang


What is vxlang?

VXLANG is a project designed to prevent reverse-engineering behaviors such as static or dynamic analysis, file tampering, and unauthorized access to memory by attackers.

The vxlang project currently targets x86-64 system and .Net binaries, native binary files for the Microsoft Windows operating system, including executables with the ".exe" extension, dynamic link library files with the ".dll" extension, and kernel driver files with the ".sys" extension. (The types of target binaries supported by vxlang will be expanded in future updates).

Virtualization Preview

Before

After

Obfuscation Preview

Before

After

Precautions

  • Optimization : Verify that VxVirtualizationBegin and VxVirtualizationEnd are in the same block.
    If procedures are merged due to code optimization, problems may arise.
  • switch-case : In the switch-case, when the branch movement is not an IMM value, it may be moved to the original position.
  • Exception handling : Currently, the virtual CPU does not support exception handling.

How to get the full version

The full version of VxLang is developed and operated under donation through Patreon.
The exact usage of VxLang and sharing of extension module code, new features of VxLang, etc. will be shared.
If you have any questions, please send your request to the email below.

Usage

Latest Version

  • Download
    • Demo: ver.1.5.2.0
    • Full: Latest version

1.x.x

  • 1.5.3.0
    • Fixed intermittent crashes that occurred during the obfuscation process.
  • 1.5.2.0
  • VxLang Link-Event updates:
    • SDK END-Event has been added.
    • Extension modules can now be integrated with the following SDK calls.
      • VL_OBFUSCATION_BEGIN / VL_OBFUSCATION_END
      • VL_CODE_FLATTENING_BEGIN / VL_CODE_FLATTENING_END
      • VL_VIRTUALIZATION_BEGIN / VL_VIRTUALIZATION_END
    • Fixed critical-bug related to 32-bit binaries.
    • VxLang Core-Shell code has been optimized to be lighter.
  • 1.5.1.0
    • VxLang interrupt-events have been removed.
    • VxLang Link-events have been added.
      • SDK Begin event has been added.
      • SDK End event will be added soon.
  • 1.5.0.1
    • Fixed MAP/PDB-related function size calculation.
  • 1.5.0.0
    • Fixed Critical Bugs.
      • Fixed a bug related to memory protection.
      • Fixed a bug related to DLL protection.
      • Fixed a bug where the ImageBase was incorrectly set.
  • 1.4.9.0
    • Install interrupts at VxLang entry-points.
      • The interrupt-vxlang-entry flag needs to be set.
      • If add-on are present, they can receive event.
        • #define VXLANG_INTERRUPT_VL_ENTRY 0xA0000005
  • 1.4.8.0
    • Fixed bug in handling static-variables.
    • Fixed bug related to DLL unload.
    • Fixed bug in MAP file parsing.
  • 1.4.7.0
    • Integrated SDK parsing.
    • Added support for 32-bit virtualization SEH.
    • Fixed packer shell code bug (related to TLS installation).
    • Added PDB parsing.
  • 1.4.6.0
    • Adjust code flattening size -It will be patched to achieve the optimal size.
    • Filter SEH in code virtualization sections
      • Change to obfuscation sections.
  • 1.4.5.0
    • Modified code flattening obfuscation method
    • Adjusted total size of code flattening
    • Fixed bugs in MAP-based obfuscation/virtualization
  • 1.4.4.0
    • An On/Off option for Import Table Mutation has been added.
      • This feature is enabled by default, but in CMD mode, you can disable it using the --disable-import-mutation option.
      • e.g. If Min-Hook is not working, try disabling this option.
  • 1.4.3.1
    • Minor bug fixes.
      • Fixed a bug where a command prompt window would appear when anti-tamper was activated.
  • 1.4.3.0
    • The command-line mode has been re-enabled.
      • Unlike before, a temp.json file is created and referenced.
      • The command-line mode does not support adding add-ons.
    • Fixed a small bug. -Log output
  • 1.4.2.0
    • Added obfuscation and virtualization features based on MAP files.
    • Modified JSON projects to allow compression of multiple files.
      • support older versions of JSON.
    • Discontinuation of Command-Line based feature support.

TODO

  • Task
    • Add ELF32/64 format for x86-64
    • Add code obfuscation methods for x86-64
      • Once the above steps are complete, add the ARM system for the ELF file format.

Special Thanks

Thank you to everyone who helped with the development.

About

protector & obfuscator & code virtualizer

vxlang.github.io/

Topics

windows security packer dotnet kernel-module virtual-machine x86-64 reverse-engineering virtualization obfuscator x86 kernel-driver protector virtualizer vmprotect anti-tamper themida code-virtualizer

Resources

Readme
Activity
Custom properties

Stars

354 stars

Watchers

11 watching

Forks

28 forks
Report repository

Contributors 2

Languages