A lightweight Python runtime crypter that obfuscates and packages payloads into standalone executables — includes an AMSI Bypass variation for enhanced runtime execution.
Run one of the following scripts using Python:
python runtime_crypter <payload_path> <output_stub_path>
python runtime_crypter_amsi_bypass <payload_path> <output_stub_path><payload_path> → Path to your raw executable payload (.bin)
<output_stub_path> → Desired path for the generated stub/executable
Only x64 raw executable files (.bin) are supported as payloads.
The AMSI Bypass version is based on the implementation in d0rb/AMSI-Bypass
After generating the stub script (output.py), compile it into a standalone executable using PyInstaller:
pyinstaller --noconsole --onefile output.pyMake sure the following dependencies are installed:
pyinstaller
pycryptodome
Install them with pip:
pip install pyinstaller pycryptodomeAMSI Bypass implementation referenced from: d0rb/AMSI-Bypass
This project is for educational purposes only. The author does not take responsibility for any misuse of this tool. Use only in controlled and legal environments.