by bangaladore 515 days ago
Reminds me of movfuscator [1]. This can compile programs to movs and only movs.

[1] https://github.com/Battelle/movfuscator

Battelle is great. They also created some software called Cantor Dust [1] that turns files into images to allow humans to easily spot obfuscated data or files.

The sad thing about this kind of work, because I love it, is that to get paid to do it you need clearances and polygraphs and periodic reinvestigations/continuous monitoring and all sorts of things that I find unpleasant.

[1] https://github.com/Battelle/cantordust

I'm not sure what you mean but I was a security researcher for a large company for a bit and required none of that. I was required to work airgapped at home, however.

Really? You were doing offensive security work not for a government (/contractor)? What sorts of companies, aside from some enterprise pen testers, employ these roles?

The tools you’re talking about are not exclusive to offensive security. They’re plenty useful for malware analysis and other reverse engineering tasks.

Email is in my profile -- happy to clarify/share some very rough details if you'd like.

Agreed that is a fine piece of work. But the author is Chris Domas. Which is plain from the repo readme, but it’d be clearer to link to his repo.

I was originally going to link their repo [1]. But I saw it was forked from the one I linked so I just gave that one instead.

[1] https://github.com/xoreaxeaxeax/movfuscator

Chris used to (maybe still does?) work at Battelle.

He went MIA after joining Intel, so I'm assuming he's still there.