# GuardShield (Python security)
![Banner](https://github.com/OxynDev/guardshield/blob/dfe8d768d960576669baf31ae83ff22e016ccac2/temp/banner.png)
GuardShield is a Python library that provides robust security measures to protect your Python projects. It offers various detection methods to prevent debugging attempts and ensure secure execution of your code.
[Discord](https://discord.gg/8W6BweksGY)
## Installation
```bash
pip install --force-reinstall guardshield
```
## Usage
Import the library:
```python
import guardshield
```
Enable anti-debugger detection and define custom actions on detection:
```python
# Custom function to be executed on debugger detection
def debugger_detected():
    print("Debugger detected!")

# Create a Security instance with desired settings
module = guardshield.Security(
    anti_debugger=True,             # Enable debugger detection
    kill_on_debug=False,            # Kill the application on detection
    detect_vm=False,                # Call custom function on VM detection
    detect_sandbox=False,           # Call custom function on sandbox detection
    on_detection=debugger_detected  # Execute custom function on detection
)

# Start the security check loop in a separate thread
module.check_security()  # -> dict { 'detected' : bool, 'description' : str }
```
Perform simple checks:
```python
# Check if the application is being debugged
module.check_debug()  # -> bool

# Detect if the application is running within a sandbox environment (e.g., Sandboxie)
module.check_sandbox()  # -> bool

# Terminate the application
module.force_kill()  # -> None

# Detect if the application is running in a VM and RDP
module.check_vm()  # -> bool

# Crash the user's PC with a blue screen
module.crash_pc()  # -> None

# Create a PC fingerprint / HWID
module.get_uuid()  # -> str

# Protect against injection / hooking
module.anti_injection()  # -> None
```
## Change log
```diff
v1.1.5 ⋮ 06/02/2024
+ bug fix
+ dll injection detection (by bytes)

v1.1.4 ⋮ 04/02/2024
+ bug fix
+ pyinject process detection (by name)

v1.1.3 ⋮ 01/02/2024
+ injection protection

v1.1.2 ⋮ 01/02/2024
+ false detection fix
```
## Better anti injection
https://www.youtube.com/watch?v=AP1rasewaUw&ab_channel=oxyn
## Secure Compilation and Protection Against Decompilation and Debugging Attacks
To ensure the security of your executable (`.exe`) file, it is recommended to avoid using PyInstaller for compilation, as it can be easily reversed. Instead, you can use "Nuitka," a source-to-source compiler that compiles Python code into optimized C source code, making it harder for checkers and reverse engineers to understand and modify your code.
Follow these steps to compile your code securely:
1. Obfuscate your code using tools like the [Pyobfuscate](https://pyob.oxyry.com/) website, which can obfuscate variable names and enhance protection.
2. Import GuardShield to prevent debugging during the execution of your code.
3. Compile the code using Nuitka. Here's an example command:
```bash
python -m nuitka --follow-imports --onefile --standalone --windows-icon-from-ico=icon.ico main.py
```
After compiling the program, you can also give it additional protection with the VMProtect application.
By following these steps, your code will be well-protected. However, for the utmost security, consider keeping sensitive parts of your code on the server side as an API and performing critical operations there. This approach adds an extra layer of protection and makes your application almost unbreakable.
## Request Encryption
To enhance the security of your API requests, it is recommended to encrypt the requests or add a fingerprint (custom hash) to the request that can be checked in the application and on the server. Here's an example of AES encryption using the `AESCipher` class:
```python
import base64
import hashlib

from Crypto import Random
from Crypto.Cipher import AES


class AESCipher(object):
    # Note: CBC gives confidentiality only; it does not authenticate the ciphertext.
    def __init__(self, key):
        self.bs = AES.block_size
        # Derive a 32-byte AES-256 key from the passphrase
        self.key = hashlib.sha256(key.encode()).digest()

    def encrypt(self, raw):
        # Pad the encoded bytes, not the str, so non-ASCII text stays block-aligned
        data = self._pad(raw.encode())
        iv = Random.new().read(AES.block_size)  # fresh random IV per message
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return base64.b64encode(iv + cipher.encrypt(data))

    def decrypt(self, enc):
        enc = base64.b64decode(enc)
        iv = enc[:AES.block_size]  # the IV is the first block of the message
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')

    def _pad(self, s):
        # PKCS#7-style padding: n bytes, each of value n
        n = self.bs - len(s) % self.bs
        return s + bytes([n]) * n

    @staticmethod
    def _unpad(s):
        # The last byte says how many padding bytes to strip
        return s[:-ord(s[len(s)-1:])]


class Aes:
    def __init__(self):
        self.key = "SecKey2115"

    def decrypt(self, text, key=None):
        if key is not None:
            self.key = key
        return AESCipher(self.key).decrypt(text)

    def encrypt(self, text, key=None):
        if key is not None:
            self.key = key
        return AESCipher(self.key).encrypt(text).decode()
```
You can use the `Aes` class to encrypt and decrypt your requests using AES encryption. Remember to use a strong and secure key for encryption.
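The request fingerprint mentioned at the start of this section can be built as an HMAC over the request body, checked by the server before it acts on the request. The following is an added example, not part of GuardShield or the original README; the field names (`ts`, `nonce`, `payload`, `mac`), the 30-second window and the helper names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os
import time

MAX_SKEW = 30  # seconds a signed request stays valid (assumed policy)


def sign_request(secret: bytes, body: dict, now=None) -> dict:
    """Client side: attach a timestamp, a nonce and an HMAC-SHA256 fingerprint."""
    ts = int(time.time() if now is None else now)
    nonce = os.urandom(16).hex()
    # Canonical JSON so client and server hash exactly the same bytes
    payload = json.dumps(body, sort_keys=True, separators=(",", ":"))
    msg = f"{ts}.{nonce}.{payload}".encode()
    mac = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return {"ts": ts, "nonce": nonce, "payload": payload, "mac": mac}


def verify_request(secret: bytes, req: dict, seen: set, now=None) -> dict:
    """Server side: check the fingerprint first, then freshness, then replay."""
    msg = f"{req['ts']}.{req['nonce']}.{req['payload']}".encode()
    expected = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched
    if not hmac.compare_digest(expected, str(req["mac"])):
        raise ValueError("bad fingerprint")
    current = time.time() if now is None else now
    if abs(current - int(req["ts"])) > MAX_SKEW:
        raise ValueError("stale request")
    if req["nonce"] in seen:
        raise ValueError("replayed request")
    seen.add(req["nonce"])  # remember the nonce for the validity window
    return json.loads(req["payload"])


def check(secret: bytes, req: dict, seen: set, now=None) -> str:
    """Return 'ok' or the rejection reason instead of raising."""
    try:
        verify_request(secret, req, seen, now)
        return "ok"
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    secret = b"constructed-demo-secret"  # constructed sample value
    req = sign_request(secret, {"action": "login", "user": "alice"})
    print(check(secret, req, set()))
```

A secret shipped inside the client can be recovered from it, so the server should still validate every request it receives as untrusted input.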
## Todo
- [x] Add sandboxie detection
- [x] Add Vm detection
- [x] Add Better cheat engine detection
- [x] Add DLL injection protection
## Tests
![Test 1](https://github.com/OxynDev/guardshield/blob/ac9b56845ff0deb4de33363abe4025e119e830b7/temp/1.gif)
![Test 2](https://github.com/OxynDev/guardshield/blob/4c971d7bebb2a04d54e7819561f5d850655a1881/temp/2.gif)
![Test 3](https://github.com/OxynDev/guardshield/blob/bd7c082bf12272f35e63988267df144039d70873/temp/3.gif)
![Test 4](https://github.com/OxynDev/guardshield/blob/4a13905d9b1ea1bbb84e5f72e2061a5347ee98a4/temp/4.gif)
Raw data
{
"_id": null,
"home_page": "https://github.com/OxynDev/guardshield",
"name": "guardshield",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "python anti debugger security exe",
"author": "Oxyn",
"author_email": "oxyn.dev@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/7f/96/962712b69c787840be9c53e713440d1ea6f34cee9c9413159b34c33f8056/guardshield-1.1.5.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "MIT",
"summary": "Security lib",
"version": "1.1.5",
"project_urls": {
"Homepage": "https://github.com/OxynDev/guardshield"
},
"split_keywords": [
"python",
"anti",
"debugger",
"security",
"exe"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "7f96962712b69c787840be9c53e713440d1ea6f34cee9c9413159b34c33f8056",
"md5": "3d48f2ac8ed71f91eb56ded7649ad7e6",
"sha256": "2b95a3cb6c3a8de1bf47d86928562413f5343a1100d616df47f3c42d425737cf"
},
"downloads": -1,
"filename": "guardshield-1.1.5.tar.gz",
"has_sig": false,
"md5_digest": "3d48f2ac8ed71f91eb56ded7649ad7e6",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 20511,
"upload_time": "2024-02-06T16:26:55",
"upload_time_iso_8601": "2024-02-06T16:26:55.763489Z",
"url": "https://files.pythonhosted.org/packages/7f/96/962712b69c787840be9c53e713440d1ea6f34cee9c9413159b34c33f8056/guardshield-1.1.5.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-02-06 16:26:55",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "OxynDev",
"github_project": "guardshield",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "guardshield"
}