SpoofCall

Spoof call stack for make reversing harder.

If analyze DecryptStack function, reverser can track original function. If you want to prevent, Add mutation for prevent it.

Only supports up to 4 args. If you want to use more args, add args in stack. [rsp+0x20]... +0x8...

Coded in LLVM Clang-cl x64 environment.

How to use

using namespace ST;
Spoof::Call(&function, param1, param2, param3, param4);

Original:

Encrypted:

Spoofed Stack:

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
STSpoofCall		STSpoofCall
.gitattributes		.gitattributes
.gitignore		.gitignore
LICENSE.txt		LICENSE.txt
README.md		README.md