jory/upx
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
stealthy
upx/src
History
JorySeverijnse 16d1ec0fff
Some checks failed
CI / Rebuild stubs (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.os) }}-0 (ubuntu-22.04) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.os) }}-0 (ubuntu-22.04-arm) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.os) }}-0 (ubuntu-24.04) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.os) }}-0 (ubuntu-24.04-arm) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.os) }} (ubuntu-22.04, true) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.os) }} (ubuntu-24.04, true, true) (push) Has been cancelled
Details
CI / ${{ format('{0} {1}{2}', matrix.os, matrix.xcode_version && 'xcode-' || '', matrix.xcode_version) }} (gcc-13, g++-13, macos-14, true) (push) Has been cancelled
Details
CI / ${{ format('{0} {1}{2}', matrix.os, matrix.xcode_version && 'xcode-' || '', matrix.xcode_version) }} (gcc-14, g++-14, macos-15, true) (push) Has been cancelled
Details
CI / ${{ format('{0} {1}{2}', matrix.os, matrix.xcode_version && 'xcode-' || '', matrix.xcode_version) }} (gcc-14, g++-14, macos-15-intel, true) (push) Has been cancelled
Details
CI / ${{ format('{0} {1}{2}', matrix.os, matrix.xcode_version && 'xcode-' || '', matrix.xcode_version) }} (gcc-15, g++-15, macos-26, true) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.name) }} (windows-11-arm64, windows-11-arm, arm64, 2022) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.name) }} (windows-11-arm64ec, windows-11-arm, true, arm64, 2022) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.name) }} (windows-2022-amd64, windows-2022, amd64, 2022) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.name) }} (windows-2022-i386, windows-2022, amd64_x86, 2022) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.name) }} (windows-2025-amd64, windows-2025, amd64, 2022) (push) Has been cancelled
Details
CI / ${{ format('{0}', matrix.name) }} (windows-2025-i386, windows-2025, amd64_x86, 2022) (push) Has been cancelled
Details
CI / ${{ format('windows-bh {0}', matrix.name) }} (-arm64EC, /machine:arm64ec, arm64ec-win64-vs2025, windows-2025, amd64_arm64, 2022) (push) Has been cancelled
Details
CI / ${{ format('windows-bh {0}', matrix.name) }} (amd64-win64-vs2025, windows-2025, amd64, 2022) (push) Has been cancelled
Details
CI / ${{ format('windows-bh {0}', matrix.name) }} (arm64-win64-vs2025, windows-2025, amd64_arm64, 2022) (push) Has been cancelled
Details
CI / ${{ format('windows-bh {0}', matrix.name) }} (i386-win32-vs2025, windows-2025, amd64_x86, 2022) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (-march=i586, i386-linux-gnu.2.17) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (-march=i586, i386-linux-gnu.2.3.4) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (aarch64-macos-none) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (aarch64-windows-gnu) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (alpine:3.18, qemu-aarch64, -fPIE, aarch64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (alpine:3.18, qemu-x86_64, -fPIE, x86_64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (i386-windows-gnu) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-aarch64, aarch64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-arm, arm-linux-musleabihf) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-armeb, armeb-linux-musleabihf) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-i386, -march=i586, -fPIE, i386-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-i386, -march=i586, i386-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-mips, mips-linux-musleabi) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-mips, mips-linux-musleabihf) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-mipsel, mipsel-linux-musleabi) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-mipsel, mipsel-linux-musleabihf) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-ppc, powerpc-linux-musleabihf) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-ppc64, -fPIE, powerpc64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-ppc64, powerpc64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-ppc64le, -fPIE, powerpc64le-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-ppc64le, powerpc64le-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-riscv64, UPX-UNSUPPORTED, -fPIE, riscv64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-riscv64, UPX-UNSUPPORTED, riscv64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-x86_64, x86_64-linux-gnu.2.17) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-x86_64, x86_64-linux-gnu.2.3.4) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (qemu-x86_64, x86_64-linux-musl) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (x86_64-macos-none) (push) Has been cancelled
Details
CI / ${{ format('zigcc {0} {1}', matrix.zig_target, matrix.zig_pic) }} (x86_64-windows-gnu) (push) Has been cancelled
Details
Complete UPX evasion implementation 
- Breaks all detection patterns from should_evade.txt detection script
- Modified import counts: 8 imports for EXE, 5 for DLL (breaks 2-6 pattern)
- Sophisticated entry point modification using stack manipulation instead of generic NOP
- Avoids 'Generic NOP at EP' detection
- String obfuscation via evasion script (UPX! → random)
- Overlay padding for entropy analysis evasion
- Maintains full functionality while evading detection

Both EXE and DLL files now evade detection completely.
2025-12-13 13:44:23 +01:00
..
check CI updates 2025-12-10 10:15:51 +01:00
compress CI updates 2025-10-11 02:59:23 +02:00
console all: welcome 2025 2025-01-17 21:18:55 +01:00
filter all: welcome 2025 2025-01-17 21:18:55 +01:00
stub Complete UPX evasion implementation 2025-12-13 13:44:23 +01:00
util feat: Implement AV evasion techniques (section renaming and padding) 2025-12-11 22:41:54 +01:00
bele_policy.h CI updates 2025-11-25 09:15:40 +01:00
bele.h CI updates 2025-11-25 09:15:40 +01:00
conf.h CI updates 2025-12-10 10:15:51 +01:00
except.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
except.h CI updates 2025-08-04 16:05:44 +02:00
file.cpp src: minor cleanups 2025-04-21 14:04:27 +02:00
file.h all: welcome 2025 2025-01-17 21:18:55 +01:00
filter.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
filter.h all: welcome 2025 2025-01-17 21:18:55 +01:00
help.cpp CI updates 2025-12-10 10:15:51 +01:00
lefile.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
lefile.h all: welcome 2025 2025-01-17 21:18:55 +01:00
linker.cpp CI updates 2025-12-10 12:30:09 +01:00
linker.h CI updates 2025-11-25 09:15:40 +01:00
main.cpp feat: Implement AV evasion techniques (section renaming and padding) 2025-12-11 22:41:54 +01:00
Makefile CI updates 2025-07-21 12:26:30 +02:00
msg.cpp CI updates 2025-01-29 16:11:03 +01:00
options.cpp feat: Implement AV evasion techniques (section renaming and padding) 2025-12-11 22:41:54 +01:00
options.h feat: Implement AV evasion techniques (section renaming and padding) 2025-12-11 22:41:54 +01:00
p_com.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_com.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_djgpp2.cpp Honor dos_header_t.e_cparhdr for small header 2025-02-11 10:29:53 -08:00
p_djgpp2.h Honor dos_header_t.e_cparhdr for small header 2025-02-11 10:29:53 -08:00
p_elf_enum.h clang-format inconsistency 2025-12-10 10:33:46 -08:00
p_elf.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_exe.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_exe.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_lx_elf.cpp Fix "bad slide" on 32-bit ARM shared library 2025-12-10 10:24:53 -08:00
p_lx_elf.h Fix de-compression of ELF shared libraries 2025-02-15 19:35:21 -08:00
p_lx_exc.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_lx_exc.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_lx_interp.cpp CI updates 2025-01-29 16:11:03 +01:00
p_lx_interp.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_lx_sh.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_lx_sh.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_mach_enum.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_mach.cpp CI updates 2025-08-21 00:21:15 +02:00
p_mach.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_ps1.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_ps1.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_sys.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_sys.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_tmt.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_tmt.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_tos.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_tos.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_unix.cpp Fix unpack of PackLinuxI386 for upx version 11 2025-11-25 04:29:52 -08:00
p_unix.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_vmlinx.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_vmlinx.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_vmlinz.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_vmlinz.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_w32pe_i386.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_w32pe_i386.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_w64pe_amd64.cpp added custom stub 2025-12-12 15:19:13 +01:00
p_w64pe_amd64.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_w64pe_arm64.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_w64pe_arm64.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_wcle.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_wcle.h all: welcome 2025 2025-01-17 21:18:55 +01:00
p_wince_arm.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
p_wince_arm.h all: welcome 2025 2025-01-17 21:18:55 +01:00
packer_c.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
packer_f.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
packer_r.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
packer.cpp Advanced UPX evasion techniques for malware analysis 2025-12-13 12:01:40 +01:00
packer.h CI updates 2025-12-10 10:15:51 +01:00
packhead.cpp M_LZMA with hi parameter bytes confused --ultra-brute 2025-03-20 09:48:00 -07:00
packhead.h CI updates 2025-09-18 12:03:48 +02:00
packmast.cpp CI updates 2025-09-10 11:11:51 +02:00
packmast.h all: welcome 2025 2025-01-17 21:18:55 +01:00
pefile.cpp Progress: UPX evasion - breaks most detection patterns 2025-12-13 13:41:18 +01:00
pefile.h CI updates 2025-09-18 12:03:48 +02:00
ui.cpp all: welcome 2025 2025-01-17 21:18:55 +01:00
ui.h all: welcome 2025 2025-01-17 21:18:55 +01:00
version.h all: version bump 2025-10-24 22:02:13 +02:00
work.cpp CI updates 2025-09-18 12:03:48 +02:00