Skip to content
/ SynCrypt Public

A polymorphic encryption and obfuscation tool for payload delivery, detection evasion, and security research.

6 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

syntheticlol/SynCrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
Encrypt.c
Encrypt.c
 
 
README.md
README.md
 
 
install.bat
install.bat
 
 
install.sh
install.sh
 
 
syncrypt.c
syncrypt.c
 
 
syncrypt.h
syncrypt.h
 
 

Repository files navigation

SynCrypt

Polymorphic encryption & obfuscation for red/blue team research

Polymorphic Encryption Junk Masked Output Red & Blue Team

✨ Features

  • Polymorphic Output: Each encryption is unique using random seeds & encoding.
  • Junk Masking: Random characters obfuscate the ciphertext to evade simple detection.
  • Multiple Encodings: Supports 5 unpredictable formats (synxxxx, sxxyxxn, etc.).
  • Compact Header: Only 48 bytes (32-byte seed + 16-byte nonce).
  • 256-bit Symmetric Key for encryption/decryption.
  • CLI Interface: Easy to encrypt/decrypt messages.
  • File Output: Results saved to enc.log for convenience.

⚙ How It Works

  1. Random seed + nonce generated per encryption.
  2. Plaintext encrypted using a custom S-box + encoding map.
  3. Junk characters inserted after every 2 real characters.
  4. Decryption reverses the masking & restores original text.

🚀 Quick Start

# Build
gcc -o syncrypt.exe encrypt.c syncrypt.c

# Run
./syncrypt.exe

Example: Encrypting EICAR Test String

Header (paste for decryption):

b3Z12n4dIc8m43kbbk8baa6s1fv03w5as7dr09e38n25Z1fK5dyd4CcbxfcF96xf5T45L3bS13g0dy89p0aS1cFdbaaed32p20o9ao50eeeF40x78Z36Bfdc12O49e32Jf6U9ev7dP49vdca

Encrypted:

sybn0o19y4sGynp00o14esyyn0L07f4sPynB02N26Psyln0j17V2sRynV00i68psyYn0a10m7syyne00h90wsyQn0n05q5srynq00P35Msyxn0U02j1s...

(truncated for readability)

Decrypted Result:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

🎯 Use Cases

  • Red Team: Payload staging, C2 obfuscation, loader beacons, bypass naive DLP/IDS.
  • Blue Team: Detection research, reverse engineering, forensic analysis.
  • Research: Demonstrates limits of pattern-based & entropy detection.

🔍 Detection Notes

  • Junk-masked + polymorphic output evades simple regex/YARA detection.
  • Header + key are required to decode; decryption impossible without them.
  • Forensics: repeated 2 real + 1 junk character patterns can be tracked.

📌 Future Goals

  • Support binary/file encryption.
  • Integrate with C2 frameworks (Cobalt Strike, Mythic, Merlin).
  • Add adaptive junk patterns for better evasion.
  • Provide Python/PowerShell wrappers.
  • GUI or web-based frontend.
  • Streaming encryption for large files.
  • Peer review & detection/cryptanalysis testing.

⚖ License & Disclaimer

MIT License. For research, red/blue team development only. Not intended for sensitive production data.

SynCrypt – polymorphic encryption made simple & flexible for research purposes.

About

A polymorphic encryption and obfuscation tool for payload delivery, detection evasion, and security research.

Topics

encoder obfuscator crypter blue-team red-teaming red-team-tools blue-team-tool fudcrypter

Resources

Readme
Activity

Stars

6 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages