SkillAgentSearch skills...

KryptDis

A Simple Python Extractor, Decompiler, Deobfuscator, and Disassembler that helps you Reverse Engineer Python-Based Malware, Viruses, Ransomware, Spyware, Trojan, Discord Token Stealer/Grabber/Loggers and much More! It acts very similar to Uncompyle6, Decompyle3, Decompyle++, pycdc, and pyinstxtractor!

GenerateConvertImprove

Install / Use

/learn @dekrypted/KryptDis
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

Please 🌟 if this is useful!

🧰 KryptDis

KryptDis is a tool that can be used to find the source code of any Python File! <br> This includes...

  • Obfuscated .py files
  • PyInstaller/Nuitka Packed .exe files

🤔 How does it work?

KryptDis is a .dll file, which can be injected into Python processes. <br> When injected, it executes a code which will get the source code of your script. <br> You can see the code of the disassembler by opening "Disassembler.py"

Once injected, the program will close and a text file will open. <br> This text file contains a report of what it found. <br> This includes the assembly of all functions, content of all variables, imported modules, and URLs!

🆚 Comparison

Source Code:

def main(): print('Hello!'); input()
main()

Obfuscated Code:

from pytransform import pyarmor_runtime
pyarmor_runtime()
__pyarmor__(__name__, __file__, b'\x50\x59\x41\x52\x4d\x4f\x52\x00\x00\x03\x09\x00\x61\x0d\x0d\x0a\x09\x30\xe0\x02\x00\x00\x00\x00\x01\x00\x00\x00\x40\x00\x00\x00\x9e\x01\x00\x00\x00\x00\x00\x18\xc2\xaa\x28\xd5\xee\x4a\x5e\xbb\x8a\x49\x65\x01\x98\x2e\x19\xf3\x00\x00\x00\x00\x00\x00\x00\x00\x1a\x43\xba\xbe\x54\xd0\xca\xba\x06\xda\x8e\xe7\x06\x1a\x14\x63\xc5\x98\x1b\xfc\x5c\x48\xca\x21\x20\x31\x8f\x02\x3e\xff\x69\xf0\x5d\xde\xd5\x28\x1c\x33\xb3\x1d\x9d\xbc\xaf\xb7\x92\xf6\x78\x61\x4f\xfa\xcb\x1e\x85\x68\xe8\x15\x76\x78\x41\xd1\x1f\xaa\xa9\xeb\x75\xf0\x22\x75\xbb\x00\xf1\xb2\x00\xe1\x37\x84\x75\xd1\xa2\x64\xbe\xaf\x39\x77\xcd\x65\x2b\x63\xd1\xbb\xed\x96\x12\xda\xf5\xd4\x8d\x15\x96\x66\x7f\x83\xc3\x44\x0e\xc6\x4a\x2b\x40\x4e\xaf\x75\x0d\x0b\x60\x69\x54\xdd\xfe\xf3\xd2\xdb\xa0\x53\xa1\x26\x01\x0c\x39\x7e\x52\x35\xaf\x46\x17\x14\x3b\x68\x3b\xd5\xf1\xc4\x54\x7f\x27\xf8\x14\x37\x32\x71\x13\xea\xef\xf7\x4e\xe6\x93\xfb\xbc\x58\xa4\xdf\x1e\x42\x3b\xf5\xba\xe7\xed\x51\xd5\x9a\xb2\x1f\xaa\xde\x3c\x02\x1d\x56\x27\x77\xe9\x57\x0c\x46\x1c\xef\x6d\x7a\xd4\xa8\xbb\xb6\x68\xf6\xa7\xf8\x45\xe3\x5a\xb8\xe1\xa4\x0c\x25\x47\x5c\x7e\xa3\x7b\x0e\x2a\x0c\x36\x43\x77\x9a\x28\x90\x35\xf0\x2e\xf0\x8c\x30\x32\xaf\xeb\xe7\x0f\xbf\x4b\x30\x5a\xec\xd8\xc6\x8f\x13\xba\xfb\x03\xf3\xc7\x52\xf8\x54\x86\x3d\x9d\x3d\x14\x90\x43\x57\xd5\xa6\xc6\x57\x13\xb8\x5d\x47\x0f\x90\xe6\xd8\xa5\x15\xd4\x69\xb3\x09\x60\xca\xdb\x1d\x96\x76\xbf\xbe\xe0\x56\x2b\x4a\xda\x46\x31\x38\x0c\xc2\xb6\xf3\x8f\xe9\x8e\xf2\x93\xe0\x48\x95\x37\x69\x5d\x6e\x47\x3d\xf4\x0f\x11\xdb\x64\xb4\x29\x8e\xec\x4e\x09\xbe\xa9\x8d\x63\x04\x81\x1f\xa9\x70\xc8\x1f\xb6\x14\x37\x95\x34\x14\xbb\xcf\xab\xab\x57\x9c\xac\xe8\x22\x00\xbc\xf9\x02\x4f\x1e\x62\xf9\x5f\xd6\x28\x91\x17\x31\x6a\x61\xd1\xc6\x74\xc1\x32\x57\x20\x1a\xe2\xa9\x74\xaf\x55\xd9\xed\x6f\x49\xaf\x17\xfd\x7f\x94\x08\x7a\x7f\xfe\xe3\x04\x73\xe5\x90\x53\x2a\x3a\xfb\x1a\x9a\x2a\x7c\xfd\x7c\x17\x5e\x83\x22\xb7\xe1\x59\x98\x1f\x53\x08\x9b', 2)

Injected Code:

# Report generated by KryptDis.
# PyArmor detected!

Class: Main
Name: main
Type: function
Object ID: 0x0000019406B2E040
Assembly Report: 
  1           0 JUMP_ABSOLUTE           18
              2 NOP
              4 NOP
        >>    6 POP_BLOCK
              8 LOAD_GLOBAL              3 (__armor_exit__)
             10 CALL_FUNCTION            0
             12 POP_TOP
             14 RETURN_VALUE
             16 NOP
        >>   18 LOAD_GLOBAL              2 (__armor_enter__)
             20 CALL_FUNCTION            0
             22 POP_TOP
             24 NOP
             26 NOP
             28 NOP
             30 SETUP_FINALLY           18 (to 50)
             32 LOAD_GLOBAL              0 (print) # Print Function
             34 LOAD_CONST               1 ('Hello!') # String Argument for Print Function
             36 CALL_FUNCTION            1
             38 POP_TOP
             40 LOAD_GLOBAL              1 (input) # Input Function
             42 CALL_FUNCTION            0
             44 POP_TOP
             46 LOAD_CONST               0 (None)
             48 JUMP_ABSOLUTE            6
        >>   50 LOAD_GLOBAL              3 (__armor_exit__)
             52 CALL_FUNCTION            0
             54 POP_TOP
             56 RERAISE
             58 RETURN_VALUE
             60 NOP
             62 NOP
             64 NOP
             66 <203>                   89
             68 <234>                  110
             70 <151>                   30
             72 INPLACE_FLOOR_DIVIDE
             74 BINARY_SUBSCR
             76 <173>                  108
             78 <169>                   56
             80 <53>


Class: Main
Name: pyarmor_runtime
Type: function
Object ID: 0x0000019408808C10
Assembly Report: 
360           0 LOAD_GLOBAL              0 (_pytransform)
              2 LOAD_CONST               0 (None)
              4 IS_OP                    1
              6 POP_JUMP_IF_FALSE       12

361           8 LOAD_CONST               0 (None)
             10 RETURN_VALUE

363     >>   12 SETUP_FINALLY           26 (to 40)

364          14 LOAD_GLOBAL              1 (pyarmor_init)
             16 LOAD_FAST                0 (path)
             18 LOAD_CONST               1 (1)
             20 LOAD_FAST                1 (suffix)
             22 LOAD_FAST                2 (advanced)
             24 LOAD_CONST               2 (('is_runtime', 'suffix', 'advanced'))
             26 CALL_FUNCTION_KW         4
             28 POP_TOP

365          30 LOAD_GLOBAL              2 (init_runtime)
             32 CALL_FUNCTION            0
             34 POP_TOP
             36 POP_BLOCK
             38 JUMP_FORWARD            86 (to 126)

366     >>   40 DUP_TOP
             42 LOAD_GLOBAL              3 (Exception)
             44 JUMP_IF_NOT_EXC_MATCH   124
             46 POP_TOP
             48 STORE_FAST               3 (e)
             50 POP_TOP
             52 SETUP_FINALLY           62 (to 116)

367          54 LOAD_GLOBAL              4 (sys)
             56 LOAD_ATTR                5 (flags)
             58 LOAD_ATTR                6 (debug)
             60 POP_JUMP_IF_TRUE        72
             62 LOAD_GLOBAL              7 (hasattr)
             64 LOAD_GLOBAL              4 (sys)
             66 LOAD_CONST               3 ('_catch_pyarmor')
             68 CALL_FUNCTION            2
             70 POP_JUMP_IF_FALSE       74

368     >>   72 RAISE_VARARGS            0

369     >>   74 LOAD_GLOBAL              4 (sys)
             76 LOAD_ATTR                8 (stderr)
             78 LOAD_METHOD              9 (write)
             80 LOAD_CONST               4 ('%s\n')
             82 LOAD_GLOBAL             10 (str)
             84 LOAD_FAST                3 (e)
             86 CALL_FUNCTION            1
             88 BINARY_MODULO
             90 CALL_METHOD              1
             92 POP_TOP

370          94 LOAD_GLOBAL              4 (sys)
             96 LOAD_METHOD             11 (exit)
             98 LOAD_CONST               1 (1)
            100 CALL_METHOD              1
            102 POP_TOP
            104 POP_BLOCK
            106 POP_EXCEPT
            108 LOAD_CONST               0 (None)
            110 STORE_FAST               3 (e)
            112 DELETE_FAST              3 (e)
            114 JUMP_FORWARD            10 (to 126)
        >>  116 LOAD_CONST               0 (None)
            118 STORE_FAST               3 (e)
            120 DELETE_FAST              3 (e)
            122 RERAISE
        >>  124 RERAISE
        >>  126 LOAD_CONST               0 (None)
            128 RETURN_VALUE


Imports: dis, os, re, sys
Links:

Credits: PyInjector for the Script Injection.

Related Skills

node-connect

343.3k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

92.1k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

343.3k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

qqbot-media

343.3k

QQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。

dekrypted

View profile

View on GitHub
GitHub Stars59
CategoryDevelopment
Updated9d ago
Forks6
dekrypted/KryptDis

Languages

C++

Security Score

80/100

Audited on Mar 23, 2026

No findings