Skip to content

OxynDev/guardshield

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GuardShield (Python security)

Banner

GuardShield is a Python library that provides robust security measures to protect your Python projects. It offers various detection methods to prevent debugging attempts and ensure secure execution of your code.

Discord

Installation

pip install --force-reinstall guardshield

Usage

Import the library:

import guardshield

Enable anti-debugger detection and define custom actions on detection:

# Custom function to be executed on debugger detection
def debugger_detected():
    print("Debugger detected!")

# Create a Security instance with desired settings
module = guardshield.Security(
    anti_debugger=True, # Enable debugger detection
    kill_on_debug=False, # Kill the application on detection
    detect_vm=False, # Call custom function on vm detection
    detect_sandbox=False, # Call custom function on sandbox detection
    on_detection=debugger_detected # Execute custom function on detection

)

# Start the security check loop in a separate thread
module.check_security() # -> dict { 'detected' : bool, 'description' : str }

Perform simple checks:

# Check if the application is being debugged
module.check_debug() # -> bool

# Detect if the application is running within a sandbox environment (e.g., Sandboxie)
module.check_sandbox() # -> bool

# Terminate the application
module.force_kill() # -> None

# Detect if the application is running in vm and rdp
module.check_vm() # -> bool

# Crash user pc with Blue screen
module.crash_pc() # -> None

# Create pc fingerprint / hwid
module.get_uuid() # -> str

# Protect injection / hooking
module.anti_injection() # -> None

Change log

v1.1.5 ⋮ 06/02/2024
+ bug fix
+ dll injection detection (by bytes)

v1.1.4 ⋮ 04/02/2024
+ bug fix
+ pyinject process detection (by name)

v1.1.3 ⋮ 01/02/2024
+ injection protection

v1.1.2 ⋮ 01/02/2024
+ false detection fix

Better anti injection

https://www.youtube.com/watch?v=AP1rasewaUw&ab_channel=oxyn

Secure Compilation and Protection Against Decompilation and Debugging Attacks

To ensure the security of your executable (.exe) file, it is recommended to avoid using PyInstaller for compilation, as it can be easily reversed. Instead, you can use "Nuitka," a source-to-source compiler that compiles Python code into optimized C source code, making it harder for checkers and reverse engineers to understand and modify your code.

Follow these steps to compile your code securely:

  1. Obfuscate your code using tools like the Pyobfuscate website, which can obfuscate variable names and enhance protection.
  2. Import GuardShield to prevent debugging during the execution of your code.
  3. Compile the code using Nuitka. Here's an example command:
python -m nuitka --follow-imports --onefile --standalone --windows-icon-from-ico=icon.ico main.py

After compiling the program, you can also provide it with additional protection using the vmprotect application.

By following these steps, your code will be well-protected. However, for the utmost security, consider keeping sensitive parts of your code on the server-side as an API and perform critical operations there. This approach adds an extra layer of protection and makes your application almost unbreakable.

Request Encryption

To enhance the security of your API requests, it is recommended to encrypt the requests or add a fingerprint (custom hash) to the request that can be checked in the application and on the server. Here's an example of AES encryption using the AESCipher class:

import base64
from Crypto.Cipher import AES
from Crypto import Random
import hashlib

class AESCipher(object):
    def __init__(self, key):
        self.bs = AES.block_size
        self.key = hashlib.sha256(key.encode()).digest()

    def encrypt(self, raw):
        raw = self._pad(raw)
        iv = Random.new().read(AES.block_size)
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return base64.b64encode(iv + cipher.encrypt(raw.encode()))

    def decrypt(self, enc):
        enc = base64.b64decode(enc)
        iv = enc[:AES.block_size]
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')

    def _pad(self, s):
        return s + (self.bs - len(s) % self.bs) * chr(self.bs - len(s) % self.bs)

    @staticmethod
    def _unpad(s):
        return s[:-ord(s[len(s)-1:])]

class Aes:
    def __init__(self):
        self.key = "SecKey2115"

    def decrypt(self, text, key=None):
        if key is not None:
            self.key = key
        return AESCipher(self.key).decrypt(text)

    def encrypt(self, text, key=None):
        if key is not None:
            self.key = key
        return AESCipher(self.key).encrypt(text).decode()

You can use the Aes class to encrypt and decrypt your requests using AES encryption. Remember to use a strong and secure key for encryption.

Todo

  • Add sandboxie detection
  • Add Vm detection
  • Add Better cheat engine detection
  • Add DLL injection protection

Tests

Test 1

Test 2

Test 3

Test 4