VXLANG is a project designed to prevent reverse-engineering behaviors such as static or dynamic analysis, file tampering, and unauthorized access to memory by attackers.
The vxlang project currently targets x86-64 system and .Net binaries, native binary files for the Microsoft Windows operating system, including executables with the ".exe" extension, dynamic link library files with the ".dll" extension, and kernel driver files with the ".sys" extension. (The types of target binaries supported by vxlang will be expanded in future updates).
Before
After
Before
After
Optimization: Verify that VxVirtualizationBegin and VxVirtualizationEnd are in the same block.
If procedures are merged due to code optimization, problems may arise.switch-case: In the switch-case, when the branch movement is not an IMM value, it may be moved to the original position.Exception handling: Currently, the virtual CPU does not support exception handling.
The full version of VxLang is developed and operated under donation through Patreon.
The exact usage of VxLang and sharing of extension module code, new features of VxLang, etc. will be shared.
If you have any questions, please send your request to the email below.
- E-Mail: 0x999h@gmail.com
- Full Version
- You can control all features of the VxLang protector.
- Support for virtual CPUs with specialized CPU contexts.
- Patreon
- Download
- Demo: ver.1.4.4.0
- Full: Latest version
1.4.4.0- An On/Off option for Import Table Mutation has been added.
- This feature is enabled by default, but in CMD mode, you can disable it using the --disable-import-mutation option.
- e.g. If Min-Hook is not working, try disabling this option.
- An On/Off option for Import Table Mutation has been added.
1.4.3.1- Minor bug fixes.
- Fixed a bug where a command prompt window would appear when anti-tamper was activated.
- Minor bug fixes.
1.4.3.0- The command-line mode has been re-enabled.
- Unlike before, a temp.json file is created and referenced.
- The command-line mode does not support adding add-ons.
- Fixed a small bug. -Log output
- The command-line mode has been re-enabled.
1.4.2.0- Added obfuscation and virtualization features based on MAP files.
- Modified JSON projects to allow compression of multiple files.
- support older versions of JSON.
- Discontinuation of Command-Line based feature support.
1.4.1.0- The JSON parsing format has been changed. MAP-based virtualization and obfuscation will be added in the next hotfix update.
- The bug related to DLL manual mapping has been fixed.
1.4.0.0- The registers used for operations in the virtual machine are randomly assigned each time.
- Plan to add this to all instructions in the version 1.4 update.
- Fixed a bug that caused the obfuscated code to run slower.
- The registers used for operations in the virtual machine are randomly assigned each time.
1.3.16.0- Fixed bug where a crash occurred if the obfuscation section was missing when debug information was added.
1.3.15.0- Fixed bugs related to adding resources
1.3.14.0- Fixed bug for code-flattening&obfuscation
- Fixed packing log.
1.3.13.0- Improved memory protection.
- Added additional protection to the R/W area.
- Improved process pause detection.
- Improved memory protection.
1.3.12.0- Fixed a feature that conflicts with Windows 11.
1.3.11.0- Improved import table settings.
- Set-up the same as a common commercial packer.
- Improved import table settings.
1.3.10.0- Improved memory protection
- Fixed Anti-Tamper bug
1.3.9.0- Updated obfuscation scope for packer shell code
- Updated obfuscation patterns
Task- Add ELF32/64 format for x86-64
- Add code obfuscation methods for x86-64
- Once the above steps are complete, add the ARM system for the ELF file format.
Thank you to everyone who helped with the development.
