├── LICENSE ├── OutputExamples ├── BatchfilePaylods │ ├── NightyBuilt.bat │ └── NightyObfuscated.bat ├── JavaScriptPayloads │ └── NightyObfuscated.js ├── PowerShellPayloads │ └── NightyObfuscated.ps1 └── PythonPayloads │ └── NightyObfuscated.py ├── README.md └── main.go /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2025 EvilBytecode 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to use the Software for educational and authorized cybersecurity research purposes only, subject to the following conditions: 7 | 8 | The above copyright notice, this permission notice, and the following disclaimer shall be included in all copies or substantial portions of the Software. 9 | 10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 11 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS (INCLUDING EvilBytecode) BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, 12 | WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE, COPYING, DOWNLOADING, OR OTHER DEALINGS IN THE SOFTWARE. 13 | 14 | DISCLAIMER: I, EvilBytecode, release this project strictly for educational, academic, and authorized cybersecurity research purposes. 15 | By accessing, downloading, copying, using, or modifying this software, you agree to these terms. 16 | You must obtain explicit written permission from system owners before conducting any testing using this software. 17 | Unauthorized use, distribution, or deployment of this software against any third party, device, network, or system without prior consent is strictly forbidden and illegal. 18 | I, EvilBytecode, disclaim all responsibility, liability, or consequences arising from any misuse, illegal activities, damages, or losses resulting from this software. -------------------------------------------------------------------------------- /OutputExamples/BatchfilePaylods/NightyBuilt.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | powershell.exe -NoExit -encodedCommand dwByAGkAdABlAC0AaABvAHMAdAAgACIAagBlAHcAdwB3ACIA 3 | exit -------------------------------------------------------------------------------- /OutputExamples/BatchfilePaylods/NightyObfuscated.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | Set IIIlI=jp6WVMdE 3 | Set lllIIl=i4UbqBZu 4 | Set IIIIIIl=DCkcOgwv 5 | Set IIlllIIl=tXQo5YHA 6 | Set IIIIIlIIl=PlasJ3nS 7 | Set lIIlllIllI=9IrNyf1x 8 | Set IIIIlIlIIIl=GhzF78eK 9 | Set IlIIIlllIllI=2RLTm0 10 | cls 11 | 12 | @%IIIIlIlIIIl:~6,1%%IIIIIIl:~3,1%%IIIIlIlIIIl:~1,1%%IIlllIIl:~3,1% %IIlllIIl:~3,1%%lIIlllIllI:~5,1%%lIIlllIllI:~5,1% 13 | %IIIIlIlIIIl:~6,1%%IIIIIIl:~3,1%%IIIIlIlIIIl:~1,1%%IIlllIIl:~3,1% %IIIIlIlIIIl:~1,1%%lllIIl:~0,1%%IIIIlIlIIIl:~1,1%%lllIIl:~0,1%%IIIIlIlIIIl:~1,1% 14 | %IIIlI:~1,1%%IIIIIlIIl:~2,1%%lllIIl:~7,1%%IIIIIlIIl:~3,1%%IIIIlIlIIIl:~6,1% -------------------------------------------------------------------------------- /OutputExamples/JavaScriptPayloads/NightyObfuscated.js: -------------------------------------------------------------------------------- 1 | eval(atob('ZXZhbChhdG9iKCdaWFpoYkNoaGRHOWlLQ2RhV0Zwb1lrTm9hR1JIT1dsTFEyUmhWMFp3YjFsclRtOWhSMUpJVDFkc1RGRXlVbWhXTUZwM1lqRnNjbFJ0T1doU01VcEpWREZrYzFSR1JYbFZiV2hYVFVad00xbHFSbk5qYkZKMFQxZG9VMDFWY0VwV1JFWnJZekZTUjFKWWJGWmlWMmhZVkZWYWQwMHhiSEZTYms1cVlrWktNRlF4Wkc5Vk1ERldZMFZ3VjFKRlduSlpla1pUVWpGS1dXSkdXbWxXTW1oWlZrWldZV1F3TUhoaVNFWlRZbXMxY1ZscldrdE5SbEY0V2tjNVZrMUVSbGRaTUZaM1ZqRktSbGR1U2xwbGExcFVWV3BHUzFkWFNrZFhiV3hYVFcxb1dsWnJXbGRaVjFGM1RVaG9hVk5GV2xSWmJYTXhZMVpzY2xkcmRFNVNiRVkwVjJ0ak5WWnJNVVZTYkdSYVRVWmFNMVpxUmt0U2JHUjFVMnh3YkdFeGNGVldWM0JIVXpGa1dGTnJaRmhpVjNoWVZtMDFRMWRHV25STldHUlZUVlZXTlZadE5VOVdiVXBJVld4c1dtSllUWGhXVlZwelkyeGFWVkpzWkdsU2JrRjNWa1phYjJFeFdsaFRhMmhXWVRKU1YxUlhOVzloUmxweFVtdHdiR0pWV2twV01uaHJWVEZLV1ZGcmJGZGlWRVkyV2xWYWExWXhXblZVYkdScFZqTm9kMVpVUWxkVE1WbDRWMjVTVGxKRlduSlVWbFp6VGxaYVdFNVZPV2hTVkVJMVZsY3hiMVp0U2toVmJGSlhUVlp3V0ZreFdrZGpNWEJHVDFaa2FWZEhaekZXYlRCNFpERlZlRmRZYkZSaE1sSnhWV3hhZDFZeFduUmxSWFJZVW14d2VWZHJWakJoTVVsNFYydHdXbUV4Y0ROV1IzaExWbFphZFdGR2FGZFNWWEJaVmtaV1lWWXlUWGhTYms1WFlYcFdWRnBYZUdGVWJGcHpWV3QwYkdGNmJGZFpNRkpYWVVVd2QxSnVWbFJOVlRWNVZVWk9hbU5GZEZKUVZEQnVTMU5yUFNjcEtRPT0nKSk=')) -------------------------------------------------------------------------------- /OutputExamples/PowerShellPayloads/NightyObfuscated.ps1: -------------------------------------------------------------------------------- 1 | # obf by codepulze - evilbytecode 2 | 3 | $DlhogTlP = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String(@" 4 | IyBvYmYgYnkgY29kZXB1bHplIC0gZXZpbGJ5dGVjb2RlCgokUVpyeURIZnkgPSBbU3lzdGVtLlRleHQuRW5jb2RpbmddOjpVVEY4LkdldFN0cmluZyhbU3lzdGVtLkNvbnZlcnRdOjpGcm9tQmFzZTY0U3RyaW5nKEAiCkl5QnZZbVlnWW5rZ1kyOWtaWEIxYkhwbElDMGdaWFpwYkdKNWRHVmpiMlJsQ2dva2JtMXVhbTVIZW0wZ1BTQmJVM2x6ZEdWdExsUmxlSFF1Ulc1amIyUnBibWRkT2pwVlZFWTRMa2RsZEZOMGNtbHVaeWhiVTNsemRHVnRMa052Ym5abGNuUmRPanBHY205dFFtRnpaVFkwVTNSeWFXNW5LRUFpQ2tsNVFuWlpiVmxuV1c1cloxa3lPV3RhV0VJeFlraHdiRWxETUdkYVdGcHdZa2RLTldSSFZtcGlNbEpzUTJkdmExWXpSbUZqVlhoeVlXMDRaMUJUUW1KVk0yeDZaRWRXZEV4c1VteGxTRkYxVWxjMWFtSXlVbkJpYldSa1QycHdWbFpGV1RSTWEyUnNaRVpPTUdOdGJIVmFlV2hpVlROc2VtUkhWblJNYTA1MlltNWFiR051VW1SUGFuQkhZMjA1ZEZGdFJucGFWRmt3VlROU2VXRlhOVzVMUlVGcFEydHNOVkZ1V2xwaVZteHVWMWMxY2xveGEzbFBWM1JoVjBWSmVGbHJhSGRpUld4RVRVZGtZVmRHY0hkWmEyUkxUbGRTU0ZadGNHbE5iRXB6VVRKa2RtRXlSblZSYTBwVVVtdGFXVlpIZUZaYU1VSlVVVzFLVmsweWVEWmFSV1JYWkVWNGMxVnRlR3hUUmtZeFZXeGpNV0Z0U1hsVmJrSnBZbGRTYTFReWNIZFdiRnBHVjFSU1RXRXlVbk5hUlZwUFRVZE9kR0pJVm1GbFYyaHBWbFJPYzJWdFVraFdibEpOWVRBMU1sbHROV0ZpUjA1MVZXMVNVR0Z1UWtoWk1qQTFaRVpHZEZKdWNHRldSbXQzVmxST1UyVlhSbGhPVnpWTVVsVkdjRkV5ZEhOT1ZrWjFWMnh3YVZadGVIVldNV014WTJ4dmVHRXpiRkJXTTFKb1ZqQldTbVZHYkhKaFNHUnBVbGQ0UlZSVlpHdFpWbVJIWTBoa1dtRXlVa3hVYkdSVFUwWmFkR05IYkU1aVJYQjZWVlJLYTJSdFJYaFViR2hxVTBaYWNsWnNhRkpOUm14elYyMDFZVTFWU2xWVlZ6RkxWbXN3ZVdWRVdtRlNWMUpZV2tWV05HTXhWblJsUjNoVVVtdFplRlpYZUdwTlYwWjBVMWhzVm1KclNuQlpiR1JUWVRGUmVXTklaRmRpUm5CSFZqRlNVMVJYUlhsVmJrNWhVbFp3VUZSVlpFOWtSMHBKVm0xR2JGWXlhSEJXYkZKUFl6SldkRlZyYUZkaWJFcE9XVlJCTVUxc2JIUk9WMFpwVWpBMU1WWlhNVk5WUjBaMVVXdG9XazFxUVRGYVJWcEhaRVpLZFdOSFJsZFNiWFF6Vm14U1QxVXlWbGhTYkdoUFZucFdUVlZzVmtkalJrVjVaRWhPVDFacldqRldNbmgzWVZaYWRHVklWbGROVjAxNFdUSjRkbVZIUlhwaVJrSlhUVEZLYjFacVFsZFRiVlpIWWtoS2FGTkhVbkJWYkdRMFVsWlNWbHBIZEZwV2JWSklXVEJvYTFkdFJYbFZhM2hWWWtkU1ZGVXdXbUZrUjA1SVlrVTFhVkpZUWpaV1ZsSkxZVEpTZEZKWWFGVmliRXBSVmpCYVlWbFdXbkZTYlVac1lrZFNXRlpzYUd0WlZURldVMnhXVmxaNlJreFdiWE4zWlZkV1JWZHRSbE5XTVVwWlYydFdWMDVIVFhoV2JsSnNVak5vVlZWdGRGcGxSbHBZWlVkd1RsWXdXakJWTVdoelZtMUtjbE51UWxwaVIxSlVXVlJHVW1WWFRrbGFSbVJwVW01Q1NGWnFSbE5WTVZKWVVsaHNWbUpyTldoVmJGcDNWVVpTVmxwRk9XdFNNSEJLVm0weFIySkdXWGxoU0VKWFlrWktVRmw2U2xka1JsWnlZVVprYVdKRmNFOVhWbEpDVFZVeGMySklVazlXTUZwd1ZXcEJNVTFXV2xoTlZrNVdVakJhTVZWWGRHOVhhekZ4VVZSR1lWSldjRWhhUlZwTFpGZE9TRkpzWkZOaVdGRjZWbTE0VTFReFZYbFdiR2hUWWtkb1VGWnVjRmRVVmxaelZtdGthbEpyVmpWYVJXaFBWREZhY2xkcVJsZE5ibWd6V1ZaYVlXUkhWa2xXYkdST1ZqQXhORmRVU2pSa2JWWklVbGh3YVZKclNsaFVWRVpMWWpGYWNWRnNaRlJpVmxwSVdXdG9TMkZHVGtoVmJrSldZa2RSTUZWc1dsTldiSEJJWkVad1YySldTa2xYVkVKdllURmtkRkpZYkZaaE0yaFdXV3RrVTFaR1ZYZFhiVVpyVWpBMVNWbHJWVEZoVmtwWlVXcGFWMVpzU2t4WlZFcFRaRVpLV1dGR1pHbFNNVXBVVjFjeE5GbFhTWGhpU0ZKcVpXdEtUMVp0TVZOWFZsSlhXa2hrV2xaVVJsZFZNbmhYVm14YU5sSnJlRmRpV0U0eldsWmtWMUpXWkhSU2JFNVhUVlZ3V2xZeWRGZFdNRFZJVkZob1YySnNTbk5WYWs1dlZsWldkR1JHY0d4U2JIQlpXbFZrZDFSc1dYZFhha0pXVFZkb2VsWnRNVXRqYkU1MVVXeHdhVkl4U2xWWFZsSkhWVzFXV0ZScmJHRlNiVkp3VlcwMVExTkdXbkZTYkU1V1RWWktXVlZzYUhOV2JVcHlUbGRvVm1KR2NETldWVnBUVm14d1JrOVhkRk5OU0VKTFZtMHdlRkl5U2tkWFdHeG9VMFZLV0ZscldrdFZSbXcyVTJ4a2ExSnNXbmxaVlZwcllWZEtSbU5GT1ZoV2JFcERWRlpWZUdNeVNrbFZhemxYVFVad2QxWlhjRUpOVlRGWFYyeG9UbFpyTlZkVmFrSmhUVlpXV0dSSE9WaGhla1o0VlZaU1IxbFdTbGRqUldoaFVsWndURnBHWkU5VFJrcHpXa1pPYVZkR1JqWldiVEUwVlRGUmVGWlliRmRpUjJoVVdXdGtiMVZHV25WalJtUlZWbXhhZWxadGRHdGhiRXB5Vm1wV1lWSlhhRkJXUkVaaFkyeGtjVkpzWkU1aWJXZDZWMVphWVZsWFVraFdhMnhYWWtkU1QxWnFRWGhPUm1SVlUycFNhMkpXV2tsVmJHaDNZVlpLY2xOc2FGVldSVnBNV1dwR1lXTldSbk5hUmxKcFZteHdTVmRYZEc5VE1rWkhWR3RvVm1KclNsZFphMlJTVFVaV2MxZHNUbGRpU0VKSldrVmFkMVl5U2xkVGEyeFlWa1ZLZGxsVVJtdGtSa3BaWWtaYWFFMHlhRmRYVjNSclZURmFSMVpZWkZoaVZWcHlWV3BCTVZOV2JISldWRVpvVm10d1dsVlhjR0ZXTVZwelUydDRXbFpGY0ZSYVJWcExWMWRHU0ZKc1VsTmlTRUpYVmpGa05HRXdOVWRYYkdSV1lrWndiMVZ1Y0hOamJGSlhWMjVPVDFKc2NEQmFWVll3VjJ4YVZWSnNaRlpOYm1oWVZtMTRZVTVzU25KbFJtUnBWMFUwZWxkc1dtdFdNVXBYV2toU1UySkZOVmhVVmxaM1YyeFplV1JHWkZkTlJGWkpWa1pvYjFZeVNuTlRiazVXWVdzMWRsWnNXbGRrUjFKSFkwZDRVMkpJUWxwWGJGWnJaREZTYzFkWVpGaGhhMHBYVkZaa2IyVnNXblJOVlhScVlrVTFNVlZYZUhkaFZrbDRVMnhXV0Zac1NraFdWekZYVjBaU2NtSkhSbE5pVmtwM1ZsY3dNVkV4VGtkWGJrWlRZa1UxVjFSV1drdFhWbFp6WVVoT1YySlZjSGxVYkdSdlZtMUtSMk5FVGxkV1ZuQlVWbTE0ZDFKck9WaGtSazVPVTBWS1RGWnRNSGRsUmtsNVUydGtXRmRIZUc5Vk1GWkxWMFpzY2xkcmRGWlNiWGN5VlRKNGEyRXhTbk5YYm14YVZsWndjbGxXWkV0U2JVNUdUMVpvVjJKRmNFUldSbHBXWlVkTmVWTnJiRlpoZW14WVZGVmFkMlF4V2xoalJVcE9WbFJHV0ZZeWVHOVViRnB5VGxaa1ZtRnJTbWhVVmxwWFYwZFNTRTlXYUdobGExbzBWbFphVTFJeGJGZFRiR1JxVWxkb2FGVnNXbmRVUm5CSFdrVTVWRkpyY0hwWGExcFBZVlprUjFKcVdsZGlWRVV3VmxSR1VtVkdXbGxpUm1ScFVqSm9WVmRYZEd0aU1WWkhWMjVXYWxKdFVsWldiWGhoWld4YWRHUkhkR2hpUlhCNVZtMXdWMWxXU2xoaFJrSlhVa1ZhYUZreWVHdGpWa3B6V2tVMWFXSlhaRFpXTVZwaFdWWnNXRlZyYUZkaE1uaFlXV3RrVTFReFduRlJXR2hQVW0xU1ZsVXljRk5oTWtwWFYydHNWbUpIYUROWlZscExZMnhPYzJGR1ZsZFNWbkJOVjFkd1IxbFhUbGRTYms1aFVteEtjRlp0ZUhkVFZtUllaRWM1VkUxcldraFdSM1J2Vm0xS2NsTnNaRnBoTWxKVFZGVmFWMk14WkhOVWJHUnBVMFZLU2xkclZtRmtNVmw1VTJ4a1ZHRXllRmxXYTFaTFpHeHNWVkp0ZEd0U2EzQmFXV3RhWVdGRk1IbGhSbVJZVmpOU2NsWlVSbUZTTVZwWldrWm9hVlpXY0hsV1YzQkNUVlpPVjJKSVNsZFdSVnB2Vm0xMGQxZHNWbGhqUjBaWFRWWndlbFV5ZERSWGJGcEdZMFpTWVZKV2NFeFdNV1JMVWpGd1NHRkZOV2xXTW1kNVZtMTRhMDFHV1hoaVJtUllZbXMxV0ZsdGN6RmlNVlp6Vm01a1ZVMVdXakJhVlZwclZERktkR1ZHWkZoaE1taHlWako0WVZaV1NuTmFSbHBPWW0xb1dWWnRNVFJaVlRWelUyNUtiRkp0VW5CV01GVXdaV3hrYzFkdGRGZE5WWEJZVjJ0b1UxVXlTa1pPVm1oVlZteGFNMVl5ZUZwbFYxSkhXa1prVGxKR1drcFdhMXB2WWpGWmVWTnVUbFJpYXpWWFdWZHpNV1JzV25OWGJHUnJVakZLU0Zrd1pEUlZNa3BKVVd4d1dHSkdXbkphUkVaVFl6RmtXVnBHYUdoaE1IQllWa1phYTJJeVZuTlhibEpPVmxoU2NWbHJWVEZOVmxaWVpVaGthRlpyYkRSVk1uaFhWMFphYzFOcmFGZFdla1pZVmpCYVUyTnRTa2hTYkU1cFZtdHdNMVpzWTNkTlZrVjRWR3RrV0dKcldsUlphMVV4VmpGU1YxZHJkRmhXYkZwNldWVm9UMVl5U2xaalNHeFZZa2RTZGxadE1VdFNNazVGVkd4a1YxWnVRbFZXYlRFMFpERktjazlXYUd0U2F6VlBWVEJXUzFSR1duUk5TR1JzVW10c05WVXlkR3RYUm1SSVpVYzVWazFHV2t4V01GcHpZMnhrY21SR1dsTmlXR041VmxSS05HRXlSWGhUYms1WVltMTRZVlpzV25kamJHeFhXa1YwVTJKVk5VZFVNVnB2VmpKS1JtTkZVbGRTYkhCWFdsVmtUbVZXVG5KaVJscG9aVzE0V1ZaR1ZtRmtNbEY0VjJ4b2FsSlZjRTlXYkZKSFYwWlplV1ZIT1ZWaVJuQjVWR3hhYTFadFJuSlRiV2hWVm14d1dGWXdaRk5UUlRsWFlVZG9iR0V4YnpCV2JGcGhWVEZKZUdKR1pGUmlSMUp4Vld4a2IyRkdWbk5YYm1SVlVtNUNTRmRyVlRWV1JrcHlZMGh3V0dFeGNGQlpWbHByVWpGS2NWZHNaR2xXUlZWM1ZteFNSMVZ0VmtkWGJHeHBVbTFTY0ZWcVNtOVdWbVJZWkVkMGFVMVdXa2hXTWpWWFlXeEtkRlZzV2xkaVdHaG9XbGQ0WVdSSFVraGtSMmhwVWxoQ05WWnRNWGRXTVZwWFYyNU9hbEpZYUdGWlZFcFRWRVpXZEdONlJsZFdhM0I2VmpKNGEySkhSWGhYV0hCWFlsaG9WRlZYTVZkU01XUlpZVWRHVTJKWWFHOVdWekI0WWpGa1IySklTbGhpYlZKelZXMTRkMU5XY0ZaYVJFSlhUVVJHZWxVeWRHOVdNa3BWVm10NFYySlVSa3hWYlRGUFVqSkdSMVpzWkd4aVJtOTVWakowYTA1SFJYaGFSV2hYWVRKb1ZGbHJaRzlqUmxwMFpVaGtUMkpIVWxaVlYzaHJWakF4VjJOR2JGWk5ibWg2VmxjeFMxWlhTa2RoUm1ScFZrVmFVRlpHV21GamJWRjRXa2hPWVZKdFVuQlZiWFIyWlVaYVZWTllhR3ROVmxZMFZqSjRWMVl4WkVoVmJHeFhZV3MxVkZreWVGTmpiSEJHWkVaT1RsWllRbUZXTW5SaFZESkdXRkpZY0ZKaVZHeFlXV3hvYjJOc1dsVlRiRTVxVFZaYWVsZHJXbTloVmtwVlZteFdXRll6YUZkVVZscExZekZrYzJGSGVGTmhlbFphVmxjeE1HTXdNSGhWYms1WFYwZG9WMWxZY0VkTlJuQldWbXBTVjJKR2NIcFdNV2hyVmpKRmVWVnJaR0ZTUlhCVVZUQmtSMUl4Y0VaT1ZtUnBWMFpHTmxadGVGTlNNVmw0VlZob1YxZEhhSEJWYlRGdlZteHNkR1ZGZEZkV2JYaFdWa2N3TlZZeVNrZFhibWhXVFc1Q1ZGWXllR0ZqTVdSMVlrWmFhVlpHV205V2JGcGhWakZrUms5V2JGSmlSbkJZVm14U1YwNVdaRlZSYkdSVlRXeEtTVlV5ZEc5aVJrbDZZVVpPVlZaV1dtaGFWbHBoWXpGa2RGSnNTazVpUlhCYVZsY3dNVll4V2xoU2JrNVlZbFZhWVZsclpGTlZSbHBHVm1zNWFsSnJOWGxWYlhRMFZtc3hkVlZyTVZoV2JIQnlWbXBCTVZKdFNrWlZiRnBwVWxWd2VWWkdaSHBOVjBaSFYxaHNUMVpVYkU5WmJGcGhVVEZzZFdJelpGUk5SM2g1VlZab1ExUkdWbGxSYm1SWVlrZG9kVmRxUW5kU2JVcEpVbTFzYVdKR2NFNVhiRlpxWlVaa1ZsUnROVkZXUkVKTVUxZDBRbU5GZEZKalNFSmhWMGRrYmxOclpIZGtNVVpXWVVaS1YwMUVWbGRSTW1NNVVGRnZhVkZEYTNCRGJXeHNaVU5CYTFZelJtRmpWWGh5WVcwNFN3b2lRQ2twQ21sbGVDQWtibTF1YW01SGVtMEsKIkApKQppZXggJFFacnlESGZ5Cg== 5 | "@)) 6 | iex $DlhogTlP 7 | -------------------------------------------------------------------------------- /OutputExamples/PythonPayloads/NightyObfuscated.py: -------------------------------------------------------------------------------- 1 | import base64 2 | hYCHDEEB='aW1wb3J0IGJhc2U2NApoWUNIREVFQj0nYVcxd2IzSjBJR0poYzJVMk5BcG9XVU5JUkVWRlFqMG5ZVmN4ZDJJelNqQkpSMHBvWXpKVk1rNUJjRzlYVlU1SlVrVldSbEZxTUc1WlZtTjRaREpKZWxOcVFrcFNNSEJ2V1hwS1ZrMXJOVUpqUnpsWVZsVTFTbFZyVmxkU2JFWnhUVWMxV2xadFRqUmFSRXBLWld4T2NWRnJjRk5OU0VKMlYxaHdTMVpyTVhKT1ZVcHFVbnBzV1Zac1ZURlRiRlp5Vm14a1UySkZXbmhVVldNeFYyeGFkRlJxVW1GU1JYQkxXbGQ0VDJOV1JuSmpSazVPVTBWS01sWXhhSGRUTVZweVRWaEtUMVpWY0hGVmJuQnpWMVphYzFaVVJsUmlSbHA1Vm0xNGExVXlTa1pYYm1oVlZsZE5lRll5ZUdGa1JsSnhWVzFHVTFKWVFreFhiR1EwVkRKT1YxSnVTbXBTYXpWUFZUQldTMDFzV1hoaFNHUlVUVlp3ZVZSV2FFdFVNVnBXWTBoR1ZtSnVRbnBXTVZwaFl6RmFWVkpzVW1sU2JIQTFWbTB4TkdFeFZYbFRhMXBZWW0xb1ZsWnNaRTVsUmxsNVpVZEdhMUpzU25oV1Z6RkhWVEZLV1ZGcmVGaGlSMUV3VmtSS1QxWXhTblZUYlhCVFlYcFdVRlpVUWxkVE1ERnpWMWhvYUZOSFVsVlVWbHAzWlZaU1YyRkZkRlZOVm5CWFdUQm9SMVp0U25WUmJuQlhUVlp3YUZsNlJtRldWa3B6Vlcxc1UySklRVEZXYlRCNFRrZEZlRlpZYkZSaE1YQlpXVzB4YjFac1duTmFSVFZzVW14c05WcFZaRWRoTVVwelUyNW9WMVo2UmtoV1ZFWkxWMVpHY21WR2FHbFNNVVYzVm10U1MxUXhXWGhUYmxaVVlsaENWRmxZY0ZkVlJscFZVV3hrVkUxRVJucFdNV2h2WVVaT1NGVnNWbFZXYkhBeldsWmFVMVl5Umtaa1JsWk9WbTVDV0ZkVVFtOVNNVnAwVTI1V1VtSnVRbGhVVmxwM1lVWnNObEp0UmxkV2EzQjZWbGN4YzFVeVNrbFJWRVpYWWxSQ05GUnJaRVpsUmxwWllrWlNhRTFZUWxwWFZ6QjRZakZhYzFkdVRtRlNWRlp6VlcxNGMwNVdiRFpVYlRsWFVtdHNNMVl5ZEd0WlZscFhZMFJPVjFJemFFdGFWVnBQWTJzeFYyRkhhRTVYUlVwMlZtMHhkMUl5UlhoVGJrcFFWbTFTV1Zsc2FFTldSbEpZVFZjNVZsSnRVbGxhVldRd1lWZEtWMWR1Y0ZkTlYyaDJWakJrUzFac1pITlhiRlpYWWtaV05GWkdWbUZaVms1SVZXdGtWV0pIYUc5YVYzUmhVekZhYzFrelpFOVdiSEF3VlRKNFYxVXhXa1pUYkdSYVlURndNMVpxUm5kU1ZrcDBVbTF3VGxacmNEWldhMk40WXpGVmVGcEZXbFJpUjNoWVdXdGFTMU5HV2xWVGF6VnNWbXR3ZVZkcldsTmhWMHBHWTBod1YxWXphR2hYVmxwYVpVWldjMWRzYUdsV1ZuQlpWbGN4TkZsVk1VZGpSbHBYWVd0S1dGUlhkSGRTTVZKelYyNWtWMDFyY0ZaVmJYQlBWMnhhYzJOSGFGcGxhM0JMV2xjeFQxSXlSa2RhUlRWT1ZsaEJNVlp0ZUd0a01VMTRVMWhzVlZkSGVGWlpWRXBUVmpGc2MxWnRSbFZOVjNoWldsVmtSMVpYU2toVmJHaFhUV3BGZDFac1ZYaGpNV1IxWTBaa1UyVnNXbGxYVmxwaFUyMVdjMUp1VmxOaVJuQndWVzE0VjA1R1drZFdiVVphVmpGS1NWWkhkR3RXVjBwSlVXeG9XbUV5VVhwYVYzaGhVakZrZEU5V2NGZGlWa3BKVm1wS2QxbFdWWGxTV0d4b1VqSm9XRmxYY3pGa2JGSlZVbTFHYWsxWFVqQmFSVnByVmpKRmVHTkVWbGRTYkhCeVdYcEdXbVZHWkZsalJscFhVbFp3V1ZkV1VrdFZiVkY0WWtaV1UySkdjSE5XYlhNeFpWWmtjbHBIT1ZWaGVrWXhXVlZhUzFZeVNsbFJiRUpYVmtWd1NGVnFSbXRqTVZwelZXMXNWMUl6YURWV01XUXdXVmROZDA1VlpGaGliRXB4V2xkNFlWZEdWblJsU0dSc1ZtMTBNMVp0TVRCV01ERnlZMFp3VjFaNlJuWldha1poVG14S2NtRkdaRTVTTVVwVlZsUkdZV1F4U25SVmEyaHJVbFJXVDFWc1l6Vk9WbHAwVFZoa1UwMVdiRFJXVm1odlZsZEtTRlZzVmxwV1JWb3pWakJhYzFaV1NuVmFSbHBPVmpOb1dsZFVRbGRoTWtWNVUydGthVkpHU2xoWmJHaE9UVlphY2xkdFJtcGlWVFZIVjJ0YWEyRldaRWRUYlRsWFlrZE9ORlZxUm1GV01XUjFVbXhrYVZJeWFIZFdWM0JMWWpGS1YxcEdiR3BTVjFKeFZGWmtVMU5HV2xoT1ZrNXBVbXR3V2xsVldrOVdWbGw2VkZob1ZXRXhjRmRhVmxVeFYxWlNjazVWTldoTk1Fa3hWakZTUTFVeFdYbFNhMXBPVmxkNFYxbHNaRzlYUmxKV1drWk9hMkpIZHpKVmJURXdWMFpaZDJORmJGVk5WMUoyVm1wS1MxZFhSa2hTYkdSb1RXczBNRlpIZEdGVmJWWlhVMjVXVldKRk5XOVpWRVozVjJ4YWRHTkZPVkpOVjNoWVZsZDRZVmRIU25SVmJGWldZbGhvTTFSVlduSmtNWEJKVkd4V2FWWllRa2hYVkVKdlpERmFkRlp1U2xSaWEzQmhXVmQwWVdOc2JEWlNhM1JZVm01Q1NWbFZXazlXTWtwSlVXeGFWMkpVUlRCWFZscHpWakZPY2xwR1ZsaFNNbWhYVjFjeE1HUXhWbk5YYkZaVVlYcHNWbFZ0TVRSV01WbDVUbFU1VmsxVmNIbFViRlpyVmpGWmVsVnRhRmRXUlZwb1ZtMHhSMDVzV25OalJtUlhZbXRKTWxac1pEQlpWbEY0VTI1T1YySnJjRmxaYTFVeFYwWmFjMXBFVG14U2JWSldWVEZvYjFZd01YTlNhbFpXVFc1U2RsWlVTa3RYVmtaMFlVWmtWMUpZUW5sWGExcGhWRzFXV0ZOcmFHcFNNMEpQVlRCV1JtVkdXWGhWYXpsU1RWVndTVlV5ZUd0WFJscEdVMnhzV21FeVVsUldSRVp6WTFaS2RWUnRkRk5oTTBGNFYxUkNhMUl4V1hoVGJsSnJVa1UxV0ZWc1pFOU9SbFY1WXpOb2FtRjZWbGRaVlZwaFlWWmtTR0ZIYUZkU2JWSXpXWHBLVDJNeGNFbFViRlpwVmtkNGQxWkdXbXRWTVZsNFYydG9hMU5GTlZkVVZsWjNWMFpaZVdSSGRGZGlSbXcxV2xWb2MxZHJNVVpPV0VaV1pXdHdTRlZxU2t0U2JGWnpWV3hPVjJFelFrbFdiR1EwVmpGT2NrOVdhRk5oTWxKd1ZXeGFTMVpXVm5OWGEzUlRUVlphZWxadGRIZGhNVmwzVGxSQ1YySlVWbkpaVmxwS1pERmtkVkpzYUdsU1ZGWXhWMWN4TUUxSFRrZGhNM0JWWVROU2MxWnFRVEZOTVZaVlUxaG9WMDFFVmtoWk1GcHZWbFphTm1KSFJscGlSbHBvVkcxNGEyTXhWbk5qUlRWVFYwZG5kMVpVUmxOVE1WRjRVMWhvVkdKck5WbFdhMVp5VFZac1ZWSnVaRmRTTUZwSlZERmFiMVl4V2xWV2EzUlhWak5TV0ZacVJrdGpNVXAxVVcxb1RrMUZXakZWVkVsNFlqRmtjMUpZWkdoU1ZscFVWbXhhWVZKR1ZrZGFSemxZWWtWV00xbFZWbGRWTVZwWFYydFNWVko2Vmt4WmEyUlBVMGRXU0dGR2NFNWlSbG95VlRJMWMyUnRTbkpsUlZKYVRXcFdUVlpXYUVOak1YQldXa1prYUdFelVrbFZNakZ2WVdzeGMxWlliRlZoTURCNFdWWlZNV05XVm5Sa1IwWlhUVVJWZVZZeWRHdFdiVWw1VW10a2FWSldTbFZWYkZwTFVqRldjMVpyY0dwU1dGSlRWVVpSZDJKclRuUmhSbkJTVFVkb1JsVnNWbGRSTVVKWVlVWndVazFIYUVaVmJGWlhVVEI0ZFZOdGVHcFNNMmh2VjFSS1ZtSXdjRFZpTWpWTlVUSk9kVk14Um5kaVIxWklWbTF3VEZJd2NHOVpla3BXVFdzMVJFNVhiRTloYkVweVYyeGtUMlJzY0VoV1Z6bG9VbTE0UlZVd1ZsTlNiRXBXVTFoQ1RGVlVNRGxLZDNCdlYxVk9TVkpGVmtaUmFqRnZWMVZPU1ZKRlZrWlJhVFY1V2xoQ2MxbFhUbXhMUTJOeFNubDNia3A1YTB0YVdHaHNXWGxvYVZsWVRteE9hbEYxV1dwWk1GcEhWbXBpTWxKc1MwZG9XbEV3YUVWU1ZWWkRTMU5yUFNjS2FGbERTRVJGUlVJOWFGbERTRVJGUlVJdWNtVndiR0ZqWlNnbktpY3NKeWNwQ21WNFpXTW9ZbUZ6WlRZMExtSTJOR1JsWTI5a1pTaG9XVU5JUkVWRlFpa3AnCmhZQ0hERUVCPWhZQ0hERUVCLnJlcGxhY2UoJyonLCcnKQpleGVjKGJhc2U2NC5iNjRkZWNvZGUoaFlDSERFRUIpKQ==' 3 | hYCHDEEB=hYCHDEEB.replace('*','') 4 | exec(base64.b64decode(hYCHDEEB)) -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PayloadCrypter 2 | ## Telegram: 3 | - https://t.me/ebytelabs 4 | make your scripts into payload, and undetectable from VT. 5 | ![image](https://github.com/EvilBytecode/PayloadCrypter/assets/151552809/d8e47232-2673-4894-9cca-dcc74e907aa6) 6 | 7 | ### Features: 8 | - **Powershell to Batchfile Conversion:** Converts a PowerShell script into a Batch file. 9 | - **Python Payload Crypter:** Obfuscates Python scripts with multiple layers of base64 encoding. 10 | - **Powershell Payload Crypter:** Obfuscates PowerShell scripts with multiple layers of base64 encoding. 11 | - **JavaScript Crypter:** Obfuscates JavaScript files using `eval(atob())` for multiple layers of encoding. 12 | - **Batchfile Obfuscator:** Obfuscates Batch files by substituting characters with variable names. 13 | - **Layers:** Of Obfuscation, can add how many you want. 14 | 15 | ### Languages Supported: 16 | - **Powershell** 17 | - **Python** 18 | - **JavaScript** 19 | - **Batch files (Windows Command Scripts)** 20 | 21 | ### READ : 22 | - this was made to evade detections from static scanners, like virustotal and many more, thats why its only base64 + it was made for educational purposes. 23 | 24 | ### Output examples are in a OutputExamples directory. 25 | 26 | ### future 27 | - xor since its way better lol 28 | 29 | 30 | ## License 31 | This project is licensed under the MIT License. See the LICENSE file for details. 32 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "bufio" 5 | "encoding/base64" 6 | "fmt" 7 | "github.com/EvilBytecode/GolangStyle/pkg" 8 | "io/ioutil" 9 | "math/rand" 10 | "os" 11 | "path/filepath" 12 | "strconv" 13 | "strings" 14 | "unicode/utf16" 15 | "time" 16 | ) 17 | 18 | func obfps1payload(scriptContent string, n int) string { 19 | rand.Seed(time.Now().UnixNano()) 20 | encodedScript := base64.StdEncoding.EncodeToString([]byte(scriptContent)) 21 | for i := 1; i <= n; i++ { 22 | gostyle.Write(fmt.Sprintf("Obfuscation Layer %d/%d\n", i, n), gostyle.YELLOW_TO_RED, true) 23 | randVar1 := rndstr(8) 24 | randVar2 := rndstr(8) 25 | scriptContent = fmt.Sprintf(`# obf by codepulze - evilbytecode 26 | 27 | $%s = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String(@" 28 | %s 29 | "@)) 30 | iex $%s 31 | `, randVar1, encodedScript, randVar2) 32 | encodedScript = base64.StdEncoding.EncodeToString([]byte(scriptContent)) 33 | } 34 | return scriptContent 35 | } 36 | 37 | func getinput(prompt string) string { 38 | gostyle.Write(prompt, gostyle.YELLOW_TO_RED, false) 39 | reader := bufio.NewReader(os.Stdin) 40 | input, _ := reader.ReadString('\n') 41 | return strings.TrimSpace(input) 42 | } 43 | 44 | func rndstr(length int) string { 45 | const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" 46 | seededRand := rand.New(rand.NewSource(time.Now().UnixNano())) 47 | b := make([]byte, length) 48 | for i := range b { 49 | b[i] = charset[seededRand.Intn(len(charset))] 50 | } 51 | return string(b) 52 | } 53 | 54 | func CryptPSPayload() { 55 | rand.Seed(time.Now().UnixNano()) 56 | 57 | var psPath string 58 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Enter the path to the PowerShell script: ", gostyle.YELLOW_TO_RED, false) 59 | fmt.Scanln(&psPath) 60 | 61 | psContent, err := ioutil.ReadFile(psPath) 62 | if err != nil { 63 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error reading PowerShell script: %s\n", err), gostyle.RED_TO_YELLOW, false) 64 | return 65 | } 66 | 67 | layerInput := getinput("[@Admin:~/CodepulzeCrypter$] > Enter the number of obfuscation layers: ") 68 | numLayers, err := strconv.Atoi(layerInput) 69 | if err != nil { 70 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Invalid input. Please enter a valid number.\n", gostyle.RED_TO_YELLOW, false) 71 | return 72 | } 73 | 74 | obfuscatedContent := obfps1payload(string(psContent), numLayers) 75 | 76 | outputDir := filepath.Join("Built", "PowerShellPayloads") 77 | err = os.MkdirAll(outputDir, 0755) 78 | if err != nil { 79 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error creating output directory: %s\n", err), gostyle.RED_TO_YELLOW, false) 80 | return 81 | } 82 | 83 | outputPath := filepath.Join(outputDir, "CodepulzeObfuscated.ps1") 84 | err = ioutil.WriteFile(outputPath, []byte(obfuscatedContent), 0644) 85 | if err != nil { 86 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error writing obfuscated script: %s\n", err), gostyle.RED_TO_YELLOW, false) 87 | return 88 | } 89 | 90 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Obfuscated script saved as %s\n", outputPath), gostyle.YELLOW_TO_RED, false) 91 | } 92 | 93 | func Obfuscate(code, alphabet string, setsNum, minNameLength int) string { 94 | Il := []string{"I", "l"} 95 | mixedAlphabet := shuffleString(alphabet) 96 | 97 | sets := make([]string, 0) 98 | alphabets := make([][]rune, 0) 99 | 100 | for x := 0; x < setsNum; x++ { 101 | name := generateSetName(Il, minNameLength, sets) 102 | sets = append(sets, name) 103 | } 104 | 105 | chunkSize := (len(mixedAlphabet) + setsNum - 1) / setsNum 106 | for _, chunk := range chunkString(mixedAlphabet, chunkSize) { 107 | alphabets = append(alphabets, []rune(chunk)) 108 | } 109 | 110 | var newScript strings.Builder 111 | newScript.WriteString("@echo off\n") 112 | 113 | for idx, set := range sets { 114 | newScript.WriteString(fmt.Sprintf("Set %s=%s\n", set, string(alphabets[idx]))) 115 | } 116 | newScript.WriteString("cls\n\n") 117 | 118 | for _, c := range code { 119 | replaced := false 120 | for idx, alphabet := range alphabets { 121 | if strings.ContainsRune(string(alphabet), c) { 122 | newScript.WriteString(fmt.Sprintf("%%%s:~%d,1%%", sets[idx], strings.IndexRune(string(alphabet), c))) 123 | replaced = true 124 | break 125 | } 126 | } 127 | if !replaced { 128 | newScript.WriteRune(c) 129 | } 130 | } 131 | 132 | return newScript.String() 133 | } 134 | 135 | func shuffleString(s string) string { 136 | r := []rune(s) 137 | rand.Seed(time.Now().UnixNano()) 138 | rand.Shuffle(len(r), func(i, j int) { r[i], r[j] = r[j], r[i] }) 139 | return string(r) 140 | } 141 | 142 | func generateSetName(Il []string, minLength int, sets []string) string { 143 | rand.Seed(time.Now().UnixNano()) 144 | var name string 145 | for { 146 | name = "" 147 | for i := 0; i < minLength; i++ { 148 | name += Il[rand.Intn(len(Il))] 149 | } 150 | found := false 151 | for _, set := range sets { 152 | if set == name { 153 | found = true 154 | break 155 | } 156 | } 157 | if !found { 158 | break 159 | } 160 | minLength++ 161 | } 162 | return name 163 | } 164 | 165 | func chunkString(s string, chunkSize int) []string { 166 | var chunks []string 167 | for i := 0; i < len(s); i += chunkSize { 168 | end := i + chunkSize 169 | if end > len(s) { 170 | end = len(s) 171 | } 172 | chunks = append(chunks, s[i:end]) 173 | } 174 | return chunks 175 | } 176 | 177 | func BatchObf() { 178 | var batchFilePath string 179 | fmt.Print("Enter the path to the batch file (.bat): ") 180 | fmt.Scanln(&batchFilePath) 181 | 182 | fileContent, err := ioutil.ReadFile(batchFilePath) 183 | if err != nil { 184 | fmt.Println("Error reading file:", err) 185 | return 186 | } 187 | 188 | alphabet := "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" 189 | obfuscatedScript := Obfuscate(string(fileContent), alphabet, 8, 5) 190 | 191 | outputDir := "Built/BatchfilePaylods" 192 | err = ioutil.WriteFile(outputDir+"/CodepulzeObfuscated.bat", []byte(obfuscatedScript), 0644) 193 | if err != nil { 194 | fmt.Println("Error writing obfuscated script:", err) 195 | return 196 | } 197 | 198 | fmt.Printf("Obfuscated script saved as %s/CodepulzeObfuscated.bat\n", outputDir) 199 | } 200 | 201 | 202 | 203 | func main() { 204 | gostyle.Init() 205 | gostyle.ClearConsole() 206 | gostyle.Write(` 207 | 208 | ____ ____ ____ _____ ____ _ _ ____ _____ _____ ____ ____ _ ____ 209 | / _\/ _ \/ _ \/ __// __\/ \ /\/ \ /_ \/ __/ /__ __\/ _ \/ _ \/ \ / ___\ 210 | | / | / \|| | \|| \ | \/|| | ||| | / /| \ / \ | / \|| / \|| | | \ 211 | | \__| \_/|| |_/|| /_ | __/| \_/|| |_/\/ /_| /_ | | | \_/|| \_/|| |_/\\___ | 212 | \____/\____/\____/\____\\_/ \____/\____/\____/\____\ \_/ \____/\____/\____/\____/ 213 | 214 | Author : Evilbytecode & Codepulze 215 | 216 | `, gostyle.YELLOW_TO_RED, false) 217 | gostyle.Write("[1] Powershell to Batchfile", gostyle.YELLOW_TO_RED, false) 218 | gostyle.Write("[2] Python Payload Crypter", gostyle.YELLOW_TO_RED, false) 219 | gostyle.Write("[3] Powershell Payload Crypter", gostyle.YELLOW_TO_RED, false) 220 | gostyle.Write("[4] JavaScript Payload Crypter", gostyle.YELLOW_TO_RED, false) 221 | gostyle.Write("[5] Batchfile Payload Crypter", gostyle.YELLOW_TO_RED, false) 222 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] >", gostyle.YELLOW_TO_RED, false) 223 | 224 | var optionStr string 225 | fmt.Scanln(&optionStr) 226 | optionStr = strings.TrimSpace(optionStr) 227 | 228 | switch optionStr { 229 | case "1": 230 | ConvertPSToBAT() 231 | case "2": 232 | CryptPythonPayload() 233 | case "3": 234 | CryptPSPayload() 235 | case "4": 236 | CryptJSPayload() 237 | case "5": 238 | BatchObf() 239 | default: 240 | gostyle.Write("Invalid option selected\n", gostyle.RED_TO_YELLOW, false) 241 | } 242 | } 243 | 244 | func ConvertPSToBAT() { 245 | reader := bufio.NewReader(os.Stdin) 246 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Enter the full path of the PowerShell script file: ", gostyle.YELLOW_TO_RED, false) 247 | hehe, _ := reader.ReadString('\n') 248 | hehe = strings.TrimSpace(hehe) 249 | hehe = strings.TrimRight(hehe, "\r\n") 250 | 251 | monkicont, _ := os.ReadFile(hehe) 252 | 253 | u16byt := utf16.Encode([]rune(string(monkicont))) 254 | u16l := make([]byte, len(u16byt)*2) 255 | for i, r := range u16byt { 256 | u16l[i*2] = byte(r) 257 | u16l[i*2+1] = byte(r >> 8) 258 | } 259 | 260 | monkcoded := base64.StdEncoding.EncodeToString(u16l) 261 | 262 | monkiii := "Built/BatchfilePaylods" 263 | monkgong := "CodepulzeBuiltPS2BAT.bat" 264 | opat := filepath.Join(monkiii, monkgong) 265 | 266 | os.MkdirAll(monkiii, 0755) 267 | 268 | monkbat, _ := os.Create(opat) 269 | defer monkbat.Close() 270 | 271 | monkbat.WriteString("@echo off\n") 272 | monkbat.WriteString(fmt.Sprintf("powershell.exe -NoExit -encodedCommand %s\nexit", monkcoded)) 273 | 274 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Converted: %s\n", opat), gostyle.YELLOW_TO_RED, false) 275 | } 276 | 277 | func CryptPythonPayload() { 278 | rand.Seed(time.Now().UnixNano()) 279 | 280 | var pythonPath string 281 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Enter the path to the Python script: ", gostyle.YELLOW_TO_RED, false) 282 | fmt.Scanln(&pythonPath) 283 | 284 | if _, err := os.Stat(pythonPath); os.IsNotExist(err) { 285 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Invalid path.\n", gostyle.RED_TO_YELLOW, false) 286 | return 287 | } 288 | 289 | pythonContent, err := ioutil.ReadFile(pythonPath) 290 | if err != nil { 291 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error reading Python script: %s\n", err), gostyle.RED_TO_YELLOW, false) 292 | return 293 | } 294 | 295 | layerInput := getinput("[@Admin:~/CodepulzeCrypter$] > Enter the number of obfuscation layers: ") 296 | numLayers, err := strconv.Atoi(layerInput) 297 | if err != nil { 298 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Invalid input. Please enter a valid number.\n", gostyle.RED_TO_YELLOW, false) 299 | return 300 | } 301 | 302 | obfuscatedContent := string(pythonContent) 303 | for i := 1; i <= numLayers; i++ { 304 | randVar := rndstr(8) 305 | obfuscatedContent = fmt.Sprintf("import base64\n%s='%s'\n%s=%s.replace('*','')\nexec(base64.b64decode(%s))", 306 | randVar, base64.StdEncoding.EncodeToString([]byte(obfuscatedContent)), 307 | randVar, randVar, randVar) 308 | } 309 | 310 | outputPath := filepath.Join("Built", "PythonPayloads", "CodepulzeObfuscated.py") 311 | if err := os.MkdirAll(filepath.Dir(outputPath), 0755); err != nil { 312 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error creating output directory: %s\n", err), gostyle.RED_TO_YELLOW, false) 313 | return 314 | } 315 | 316 | if err := ioutil.WriteFile(outputPath, []byte(obfuscatedContent), 0644); err != nil { 317 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error writing obfuscated Python script: %s\n", err), gostyle.RED_TO_YELLOW, false) 318 | return 319 | } 320 | 321 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Obfuscated script saved as %s\n", outputPath), gostyle.YELLOW_TO_RED, false) 322 | } 323 | 324 | 325 | func CryptJSPayload() { 326 | rand.Seed(time.Now().UnixNano()) 327 | 328 | var jsPath string 329 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Enter the path to the JavaScript file: ", gostyle.YELLOW_TO_RED, false) 330 | fmt.Scanln(&jsPath) 331 | 332 | if _, err := os.Stat(jsPath); os.IsNotExist(err) { 333 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Invalid path.\n", gostyle.RED_TO_YELLOW, false) 334 | return 335 | } 336 | 337 | jsContent, err := ioutil.ReadFile(jsPath) 338 | if err != nil { 339 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error reading JavaScript file: %s\n", err), gostyle.RED_TO_YELLOW, false) 340 | return 341 | } 342 | 343 | layerInput := getinput("[@Admin:~/CodepulzeCrypter$] > Enter the number of obfuscation layers: ") 344 | numLayers, err := strconv.Atoi(layerInput) 345 | if err != nil { 346 | gostyle.Write("[@Admin:~/CodepulzeCrypter$] > Invalid input. Please enter a valid number.\n", gostyle.RED_TO_YELLOW, false) 347 | return 348 | } 349 | 350 | obfuscatedContent := string(jsContent) 351 | for i := 1; i <= numLayers; i++ { 352 | obfuscatedContent = fmt.Sprintf("eval(atob('%s'))", base64.StdEncoding.EncodeToString([]byte(obfuscatedContent))) 353 | } 354 | 355 | outputPath := filepath.Join("Built", "JavaScriptPayloads", "CodepulzeObfuscated.js") 356 | if err := os.MkdirAll(filepath.Dir(outputPath), 0755); err != nil { 357 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error creating output directory: %s\n", err), gostyle.RED_TO_YELLOW, false) 358 | return 359 | } 360 | 361 | if err := ioutil.WriteFile(outputPath, []byte(obfuscatedContent), 0644); err != nil { 362 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Error writing obfuscated JavaScript file: %s\n", err), gostyle.RED_TO_YELLOW, false) 363 | return 364 | } 365 | 366 | gostyle.Write(fmt.Sprintf("[@Admin:~/CodepulzeCrypter$] > Obfuscated script saved as %s\n", outputPath), gostyle.YELLOW_TO_RED, false) 367 | } 368 | --------------------------------------------------------------------------------