Skip to content

vertigo6622/obsidian-protector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

76 Commits
img
img
 
 
stubs
stubs
 
 
util
util
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
obsidian.c
obsidian.c
 
 
stub.c
stub.c
 
 

Repository files navigation

obsidian x64 pe packer

signal: vertigo.66

introduction:

obsidian is a custom x64 pe packer / executable protector written in C. it is designed to be paired with a loader stub that decrypts and executes the packed payload.

a compiled stub example is available in the stubs folder that uses rolling xor obfuscation with shifts and does not contain any anti-debugging mechanisms.

this packer/stub has been tested to work on putty.exe, strings.exe, and can even pack itself, and then pack other executables from the packed state.

every pe stub/loader gets burned the moment its source becomes public. the only way to stay ahead of this is to write your own custom one. i have included a template for you to fill out with your own code.

obsidian splashscreen

features:

community edition-v1.1:

  • improved xor algorithm
  • hash-based import lookups
  • compiled xorshift64+ stub (stubs/stub.bin)
  • high entropy ASLR support
  • stub template (BYOS - bring your own stub)
  • extensive debug output (-DDEBUG & --debug flags)
  • randomized config marker
  • zeroed out optional headers
  • secure key generation
  • checksum recalculation
  • pe section manipulation
  • progress bar and colors

pro edition-v0.8:

  • SPECK 128/128 CTR encryption
  • aPlib compression
  • extensive syscall anti-debug (--ultra)
  • anti-sandbox
  • crc32 integrity checks

to-do:

community and pro edition:

  • pyinstaller support
  • remain updated to keep ahead of av detection
  • next-gen SGN encoding (pro)

commercial edition(future):

  • license support/hardware binding
  • online key provisioning
  • DRM-like protections
  • proper gui
  • virtualization

usage:

.\obsidian.exe [--debug] program.exe packed.exe

putty debugging output

detect-it-easy

detect-it-easy

compile:

requirements:

  • mingw64 tool suite available at https://winlibs.com/
  • windbg or other debugger
  • python interpreter for clean.py

commands:

  • .\gcc.exe stub.c -o stub.o [-DDEBUG] -fno-asynchronous-unwind-tables -fno-ident -fno-stack-protector
  • .\ld.exe stub.o -o stub.exe -nostdlib --build-id=none -s --entry=_start
  • .\objcopy.exe -O binary stub.exe stub.bin
  • .\windres.exe resource.rc -o resource.o
  • .\gcc.exe obsidian.c resource.o -o obsidian.exe -lbcrypt

detections:

please report any AV detections on signal or via my email: vertigo6622@protonmail.com

license:

this software is licensed under a modified ACSL 1.4 license.

About

obsidian is an executable protector for windows. compiled stub and source template included. licensed under modified ACSL 1.4.

Topics

c obfuscation packer crypter exe-packer anti-debugging undetected software-protection red-team-tools vertigo6622

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 2

ce_v1.1 Latest
Mar 23, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages