- 🇬🇧 English
- 🇻🇳 Tiếng Việt
Developed by Truong Nhat Bao Nam - ktn1703
PyCool is a next-generation Python obfuscator designed to protect Python source code against:
- static analysis
- reverse engineering
- debugging
- sandbox execution
- MITM interception
- runtime instrumentation
PyCool V4 combines:
- VM-based execution
- multi-layer encryption
- anti-analysis systems
- Unicode chaos obfuscation
- runtime payload unpacking
- high-entropy junk code generation
Inspired by:
- PyHydra
- BensOBF
- PyArmor-style protection
- malware-grade packers
No static imports.
Uses:
__import__(''.join(map(chr,[98,97,115,101,54,52])))Benefits:
- harder static analysis
- avoids simple signatures
- bypasses grep/YARA rules
PyCool generates:
- Korean identifiers
- Chinese identifiers
- Fullwidth Unicode
- Invisible Unicode characters
Example:
__PyCoolHydraㅤ龍__Benefits:
- destroys readability
- breaks regex tooling
PyCool includes a fake virtual machine executor with:
- stack/register structures
- runtime staged decryption
- dynamic payload loading
Payload only exists at runtime.
Pipeline:
marshal
→ zlib
→ zlib
→ bz2
→ lzma
→ base85
→ XOR (32-byte)
→ Fisher-Yates shuffle
→ RC4
→ rolling XOR
→ base64
Benefits:
- high entropy
- difficult payload recovery
- difficult automated unpacking
Detects:
- debugpy
- pdb
- PyCharm debugger
- VSCode debugger
- tracing hooks
- suspicious stack depth
- timing manipulation
Detects:
- VMware
- VirtualBox
- QEMU
- Hyper-V
- sandbox environments
Checks:
- CPU count
- RAM size
- VM processes
- DMI vendor strings
- execution timing
Detects:
- requests monkey patching
- httpx hooks
- urllib3 wrappers
- instrumentation layers
Protects against:
- Frida hooks
- MITM interception
- runtime API patching
Detects:
- Burp Suite
- Fiddler
- mitmproxy
- HTTPToolkit
- Charles Proxy
Hidden Anti-Analysis Layers
All anti-analysis code is:
- encoded
- compressed
- XOR protected
- dynamically executed
Nothing appears directly in plain source.
Includes:
- fake crypto logic
- fake matrix operations
- dead loops
- fake lambda chains
- fake classes
- fake execution branches
20+ junk patterns.
⭐ 10 STARS = PUBLIC SOURCE ⭐
If this repository reaches:
10 GitHub Stars
The full source code of:
- PyCool
- VM executor
- RC4 engine
- junk generator
- anti-analysis system
will be released publicly.
được phát triển bởi Trương Nhật Bảo Nam - ktn1703
PyCool là một Python obfuscator thế hệ mới được tạo ra để:
- bảo vệ source code
- chống reverse engineering
- chống AI deobfuscation
- chống debug
- chống sandbox
- chống MITM/proxy
- chống runtime instrumentation
PyCool kết hợp:
- Virtual Machine execution
- multi-layer encryption
- anti-analysis
- Unicode obfuscation
- runtime payload loading
- junk/dead code entropy cao
Không dùng import tĩnh.
Ví dụ:
__import__(''.join(map(chr,[98,97,115,101,54,52])))Lợi ích:
- khó scan static
- khó detect signature
- khó grep bằng regex
Sinh:
- tên biến tiếng Hàn
- tiếng Trung
- fullwidth unicode
- invisible unicode
Lợi ích:
- cực khó đọc
- phá regex tooling
Có hệ thống VM executor giả:
- stack/register
- staged decrypt
- runtime payload loading
Payload thật chỉ tồn tại khi runtime.
Pipeline:
marshal
→ zlib
→ zlib
→ bz2
→ lzma
→ base85
→ XOR 32-byte
→ shuffle
→ RC4
→ rolling XOR
→ base64
Lợi ích:
- entropy cực cao
- khó unpack
- khó recover payload
Detect:
- debugpy
- pdb
- debugger IDE
- tracing hook
- timing attack
Detect:
- VMware
- VirtualBox
- QEMU
- Hyper-V
Kiểm tra:
- RAM
- CPU
- process VM
- DMI strings
- timing
Detect:
- requests patch
- httpx hook
- urllib wrapper
- runtime instrumentation
Detect:
- Burp
- Fiddler
- mitmproxy
- HTTPToolkit
Bao gồm:
- fake crypto
- fake matrix
- dead loops
- fake lambda chains
- fake classes
- fake execution path
⭐ 10 STARS = PUBLIC SOURCE ⭐
Nếu repository đạt:
10 GitHub Stars
Toàn bộ source code:
- PyCool
- VM executor
- RC4 engine
- junk generator
- anti-analysis system
sẽ được public.
PyCool By Truong Nhat Bao Nam - ktn1703
Instagram:
https://instagram.com/_kingktn
Tiktok:
https://tiktok.com/@traitimkhongcondaunuaroi
Link Bio:
https://eboy.asia/p.n
https://kingktn.vercel.app