You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
six ca864aa4d5 Return 1 year ago
LICENSE Initial commit 1 year ago Return 1 year ago Return 1 year ago


dEncexdel encrypts a linux executable or decrypts it into memory, executes it and deletes the decrypted file.

Practical uses: execute a service from memory without storing the plain source or the binary on disk, secure a PoC exploit.

dEncexdel uses /dev/shm/.


  • You can have executables that are encrypted.
  • Does not write to the physical drive, but to memory.


  • Goes only as far as execution.
  • The executed binary can still be read from memory by root (eg. cat /proc/PID/bin > /tmp/bin)


Be careful, -e overwrites the passed executable

python3 -e executable # encrypt

python3 -x executable # decrypt and execute

python3 -r executable # just stdout the decrypted data