Papyrus makes use of many techniques to make python source code less readable and secure against static analysis.
Basic obfuscation of functions, variables, objects and imports. Makes code less readable.
Compression based obfuscation. Obfuscates code by running it through the LZMA compression algorithm
Adds code which makes analysis difficult by detecting debuggers, VM environments and more.
XOR cipher based obfuscation. Obfuscates the code by encrypting it with a random key in a set keyspace
Makes the code polymorphic and also reduces Shanon entropy of the code by encoding parts with RLE (Run Length Encoding) and LZW (Lempel-Ziv-Welch)
- Make the obfuscated code more compact as the obfuscation processes leads to size explosion.
- A post-compile module py2exe or pyinstaller executables
- Control flow obfuscation
- Better polymorphism by messing with the control flow itself (Rearrangements of the nodes of the CFG on runtime)