guardshield


| Field | Value |
|---|---|
| Name | guardshield |
| Version | 1.1.5 |
| home_page | https://github.com/OxynDev/guardshield |
| Summary | Security lib |
| upload_time | 2024-02-06 16:26:55 |
| docs_url | None |
| author | Oxyn |
| license | MIT |
| keywords | python anti debugger security exe |
| requirements | No requirements were recorded. |
| Travis-CI | No Travis. |
| coveralls test coverage | No coveralls. |

# GuardShield (Python security)

![Banner](https://github.com/OxynDev/guardshield/blob/dfe8d768d960576669baf31ae83ff22e016ccac2/temp/banner.png)

GuardShield is a Python library that provides robust security measures to protect your Python projects. It offers various detection methods to prevent debugging attempts and ensure secure execution of your code.

[Discord](https://discord.gg/8W6BweksGY)

## Installation

```shell
pip install --force-reinstall guardshield
```

## Usage
Import the library:
```python
import guardshield
```

Enable anti-debugger detection and define custom actions on detection:
```python
# Custom function to be executed on debugger detection
def debugger_detected():
    print("Debugger detected!")

# Create a Security instance with desired settings
module = guardshield.Security(
    anti_debugger=True,  # Enable debugger detection
    kill_on_debug=False,  # Kill the application on detection
    detect_vm=False,  # Call custom function on VM detection
    detect_sandbox=False,  # Call custom function on sandbox detection
    on_detection=debugger_detected,  # Execute custom function on detection
)

# Start the security check loop in a separate thread
module.check_security() # -> dict { 'detected' : bool, 'description' : str }
```

Perform simple checks:
```python
# Check if the application is being debugged
module.check_debug() # -> bool

# Detect if the application is running within a sandbox environment (e.g., Sandboxie)
module.check_sandbox() # -> bool

# Terminate the application
module.force_kill() # -> None

# Detect if the application is running in a VM and RDP
module.check_vm() # -> bool

# Crash the user's PC with a blue screen
module.crash_pc() # -> None

# Create a PC fingerprint / HWID
module.get_uuid() # -> str

# Protect against injection / hooking
module.anti_injection() # -> None
```

## Change log
```diff
v1.1.5 ⋮ 06/02/2024
+ bug fix
+ dll injection detection (by bytes)

v1.1.4 ⋮ 04/02/2024
+ bug fix
+ pyinject process detection (by name)

v1.1.3 ⋮ 01/02/2024
+ injection protection

v1.1.2 ⋮ 01/02/2024
+ false detection fix
```

## Better anti injection

https://www.youtube.com/watch?v=AP1rasewaUw&ab_channel=oxyn

## Secure Compilation and Protection Against Decompilation and Debugging Attacks

To ensure the security of your executable (`.exe`) file, it is recommended to avoid using PyInstaller for compilation, as it can be easily reversed. Instead, you can use "Nuitka," a source-to-source compiler that compiles Python code into optimized C source code, making it harder for checkers and reverse engineers to understand and modify your code.

Follow these steps to compile your code securely:

1. Obfuscate your code using tools like the [Pyobfuscate](https://pyob.oxyry.com/) website, which can obfuscate variable names and enhance protection.
2. Import GuardShield to prevent debugging during the execution of your code.
3. Compile the code using Nuitka. Here's an example command:

```shell
python -m nuitka --follow-imports --onefile --standalone --windows-icon-from-ico=icon.ico main.py
```

After compiling the program, you can also give it additional protection with the VMProtect application.

By following these steps, your code will be well-protected. However, for the utmost security, consider keeping sensitive parts of your code on the server side behind an API and performing critical operations there. This approach adds an extra layer of protection and makes your application almost unbreakable.

## Request Encryption

To enhance the security of your API requests, it is recommended to encrypt the requests or add a fingerprint (custom hash) to the request that can be checked in the application and on the server. Here's an example of AES encryption using the `AESCipher` class:

```python
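import base64
import hashlib

from Crypto import Random
from Crypto.Cipher import AES


class AESCipher(object):
    # AES-256 in CBC mode. CBC gives confidentiality only; it does not
    # detect ciphertext that was modified in transit.
    def __init__(self, key):
        self.bs = AES.block_size
        # Derive a 32-byte key from the passphrase
        self.key = hashlib.sha256(key.encode()).digest()

    def encrypt(self, raw):
        # Encode before padding so the length is counted in bytes;
        # padding the str first breaks on non-ASCII input.
        data = self._pad(raw.encode('utf-8'))
        iv = Random.new().read(AES.block_size)  # fresh random IV per message
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return base64.b64encode(iv + cipher.encrypt(data))

    def decrypt(self, enc):
        enc = base64.b64decode(enc)
        iv = enc[:AES.block_size]  # the IV is stored in front of the ciphertext
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')

    def _pad(self, data):
        # PKCS#7: append n bytes, each of value n
        n = self.bs - len(data) % self.bs
        return data + bytes([n]) * n

    @staticmethod
    def _unpad(data):
        # The last byte states how many padding bytes to strip
        return data[:-data[-1]]


class Aes:
    def __init__(self):
        # Placeholder default; replace it with your own strong key
        self.key = "SecKey2115"

    def decrypt(self, text, key=None):
        # A key passed here replaces the stored one for later calls too
        if key is not None:
            self.key = key
        return AESCipher(self.key).decrypt(text)

    def encrypt(self, text, key=None):
        if key is not None:
            self.key = key
        return AESCipher(self.key).encrypt(text).decode()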

You can use the `Aes` class to encrypt and decrypt your requests using AES encryption. Remember to use a strong and secure key for encryption.
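
The other option named above, a fingerprint checked on the server, can be built as a keyed hash (HMAC) over the request. The following is an added example, not part of GuardShield; the header names, `SHARED_KEY`, the 30-second window and the nonce store are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time

# Assumption: a per-client secret provisioned out of band (constructed value).
SHARED_KEY = b"constructed-demo-key-not-for-production"
MAX_SKEW = 30  # seconds a signed request stays valid


def canonical(method, path, body, ts, nonce):
    """Serialise the signed fields unambiguously (sorted keys, no whitespace)."""
    return json.dumps(
        {"m": method.upper(), "p": path, "b": body, "t": ts, "n": nonce},
        sort_keys=True, separators=(",", ":"),
    ).encode("utf-8")


def sign_request(method, path, body, nonce, key=SHARED_KEY, now=None):
    """Client side: headers carrying timestamp, nonce and fingerprint."""
    ts = int(time.time() if now is None else now)
    tag = hmac.new(key, canonical(method, path, body, ts, nonce), hashlib.sha256)
    return {"X-Timestamp": str(ts), "X-Nonce": nonce, "X-Fingerprint": tag.hexdigest()}


def verify_request(method, path, body, headers, seen_nonces, key=SHARED_KEY, now=None):
    """Server side: (ok, reason); rejects stale, altered or replayed requests."""
    now = time.time() if now is None else now
    try:
        ts = int(headers["X-Timestamp"])
        nonce = headers["X-Nonce"]
        sent = headers["X-Fingerprint"]
    except (KeyError, ValueError):
        return False, "malformed"
    if abs(now - ts) > MAX_SKEW:
        return False, "stale"
    expected = hmac.new(key, canonical(method, path, body, ts, nonce),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched
    if not hmac.compare_digest(expected.encode(), sent.encode()):
        return False, "bad fingerprint"
    if nonce in seen_nonces:
        return False, "replay"
    seen_nonces.add(nonce)  # remember only nonces of authentic requests
    return True, "ok"
```

A key shipped inside a client binary can be extracted from it, so the server should treat the fingerprint as tamper evidence for the transport and still authorise every request itself.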


## Todo

- [x] Add Sandboxie detection
- [x] Add VM detection
- [x] Add better Cheat Engine detection
- [x] Add DLL injection protection

      
## Tests

![Test 1](https://github.com/OxynDev/guardshield/blob/ac9b56845ff0deb4de33363abe4025e119e830b7/temp/1.gif)

![Test 2](https://github.com/OxynDev/guardshield/blob/4c971d7bebb2a04d54e7819561f5d850655a1881/temp/2.gif)

![Test 3](https://github.com/OxynDev/guardshield/blob/bd7c082bf12272f35e63988267df144039d70873/temp/3.gif)

![Test 4](https://github.com/OxynDev/guardshield/blob/4a13905d9b1ea1bbb84e5f72e2061a5347ee98a4/temp/4.gif)

            
