Azure DevOps pipelines for .NET binaries obfuscation

A build pipeline is scheduled to run every morning at 2AM UTC + a release pipeline scheduled at 3AM UTC to push the artifacts from the previous pipeline here - Obfuscated

The build pipeline does the following:

  1. git clones all the individual binaries from devs repos
  2. runs each of them through InvisibilityCloak
  3. random names are chosen for the new binaries from names.txt
  4. keeps a record of all binaries names and their corresponding renames (in correlation.txt)
  5. compiles and builds all the binaries
  6. runs the compiled versions of each binary through ConfuserEx

There is one caveat with InvisibilityCloak, it doesn't support repos with multiple projects in them so repos such as Farmer or InternalMonologue, etc have not been run through it but they're still obfuscated with ConfuserEx. Such repos will keep their original name.

The list of currently included repos in the pipelines:

  • Farmer
  • Rubeus
  • Seatbelt
  • SafetyKatz
  • SharpUp
  • SharpDPAPI
  • Certify
  • KrbRelay
  • SharpWebServer
  • SharpWMI
  • SharpMiniDump
  • Internal-Monologue
  • Whisker
  • StandIn
  • SharpView
  • SharpHound
  • MalSCCM
  • SharpWSUS
  • netsh_acl_enumerator
  • noPac
  • SharpLAPS
  • SharpSystemTrigger
  • ROADtoken
  • LiquidSnake
  • SearchOutlook

Credits

mkaring for the awesome ConfuserEx project.

h4wkst3r for another awesome project - InvisibilityCloak