- Xentropy (Twitter: @SamuelAnttila)
- SecForce (Twitter: @SECFORCE_LTD)
For a deep dive into the design and step-by-step guidance on how to build your own crypter, check out this article: Write a Crypter in Any Language.
This tool is not intended for malicious use.
It is published under the GPLv3 license to encourage learning and modifications for legitimate purposes only.
This project serves as a demonstration of how easy it is to write a crypter. It works as designed, but no additional patches or customization will be provided to fit other purposes. If you're serious about this, explore and modify the code yourself.
Xencrypt provides:
- AMSI bypass and evasion of modern antivirus solutions (tested on VirusTotal at the time of writing).
- Compression and encryption of PowerShell scripts.
- Minimal or negative performance overhead (due to compression).
- Obfuscation with randomized variable names and decryption stubs.
- High entropy through randomized encryption, compression, and statement ordering.
- Easy customization for creating your own crypter variant.
- Support for recursive layering, tested with up to 500 layers.
- Compatibility with both
Import-Moduleand direct execution (as long as the original script supports it). - Distributed as a single file, ensuring portability.
- Licensed under GPLv3 – completely free and open-source!
While Xencrypt is powerful, it’s not a universal solution for all configurations. Use at your own risk!
Bypassing AMSI:
Full Undetectability (FUD):
To get started, first import the module and run the script:
Import-Module ./xencrypt.ps1
Invoke-Xencrypt -InFile invoke-mimikatz.ps1 -OutFile xenmimi.ps1