Ever since Nick Harbour won the “Race to Zero” contest with some radical anti-virus evasion techniques I have been looking for a copy of PE-Scrambler. But shortly after defcon, his site disappeared and his application was not very easy to come by. Today I stumbled upon Nick’s site and it is back up! I know several of Security Weekly listeners were also looking for a copy. Nick has several other cool tools out there such as command-line to clipboard I/O utilities, a pcap parser that extract files, and APIThief for monitoring applications API calls. What an awesome collection of work! Get it while the getting is good!
If the original source does go down here is a copy.
PEScrambler_v0_1.zip (Google Code)
MarkMac:Downloads mark.baggett$ openssl sha1 PEScrambler_v0_1.zip
SHA1(PEScrambler_v0_1.zip)= 4da298902ee3db0eb0c42261819ba0132349f1d0
MarkMac:Downloads mark.baggett$ openssl md5 PEScrambler_v0_1.zip
MD5(PEScrambler_v0_1.zip)= 141cee7fbc8f620dca9bcfea9c47a4a5