Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files


Carbylamine is a PHP Encoder project, which can bypass all leading anti-virus detection against PHP Shells (C99, R57 etc) easily. It can be a very efficient tool for pen-testers when carrying out a black box test which involves inserting malicious code via PHP.

Carbylamine - A PHP Script Encoder to Obfuscate Encode PHP Files


Usage

You can download Carbylamine here:

carbylamine.php

Or read more here.

Posted in: Cryptography, Hacking Tools, Secure Coding


Latest Posts:


Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.
HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.


6 Responses to Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files

  1. Sjon April 10, 2012 at 11:50 am #

    Really? All this script does is:

    $code = base64_encode(gzdeflate($code)); eval(gzinflate(base64_decode($code));

    I don’t understand this gets posted here.

    • JonS April 10, 2012 at 2:25 pm #

      Other things are also there, mate ! Look carefully !

    • Darknet April 10, 2012 at 4:22 pm #

      Submit something awesome that you’ve written, it’ll probably get posted too :)

  2. Sro April 23, 2012 at 6:09 pm #

    For PT, i use basic file