* ****     *       *       *       *
*      *      *   * *     * *   *      *
  *     **       *           *       **

obsidian protector - x64 pe packer

introduction:

obsidian is a custom pe packer / executable protector written in C. obsidian pro helps to protect your executables from reverse engineering, cracking, and av detection. it uses the latest and most advanced packing and anti-analysis techniques.

community edition is universal (arm64 + amd64) and uses a high-entropy xorshift+ algorithm, while the pro version currently only supports amd64 executables and uses SPECK-128 encryption for speed and security.

the community edition is available for free on github. it includes a stub template so that you can implement your own techniques and create your own custom stub. combined with the full packer template, you can create almost anything you want, even highly advanced techniques, if you know how. you can find more info in the about tab.

features:

community edition-v1.3:

• ARM64 support

• improved xor algorithm

• hash-based import lookups

• compiled xorshift64+ stub (stubs/stub.bin)

• high entropy ASLR support

• stub template (BYOS - bring your own stub)

• extensive debug output (-DDEBUG & --debug flags)

• randomized config marker

• zeroed out optional headers

• secure key generation

• checksum recalculation

• pe section manipulation

• progress bar and colors

pro edition-v1.0:

• SPECK 128/128 CTR encryption

• aPlib compression

• resource encryption

• extensive syscall anti-debug (--ultra)

• anti-sandbox

• hmac integrity checks

• ollvm-22 obfuscated

to-do:

community and pro edition:

• pyinstaller support

• remain updated to keep ahead of av detection

• next-gen SGN encoding (pro)

commercial edition:

• gui

• license support/hardware binding

• anti-dump protections

• online key provisioning

• DRM-like protections

• llvm obfuscation

usage:

community edition:

.\obsidian.exe [--debug] program.exe packed.exe

pro:

.\obsidian.exe [--ultra] [--compress] program.exe packed.exe

compiling:

• mingw64 tool suite available at https://winlibs.com/

• windbg or other debugger

• python interpreter for clean.py

detections:

please report any AV detections on signal: vertigo.66, or via email: info@obsidian.st

community edition license:

this software is licensed under the modified Anti-Capitalist Software License v1.4 found on github.

pro and commercial edition license:

this software is licensed under the EULA found here

Community Edition

for learning, testing, or simple pentesting, obsidian community edition works just fine. if you know how to code, the template provided in the repo can be edited in any way you like to create a personal stub.

next page > view on github

Commercial Edition

obsidian commercial is heavy-duty protection for people who want to protect intellectual property and manage licenses in their own way. it includes a self-hosted online key provisioning framework that can be customized to suit your needs, it also has advanced anti-crack technology to stop pirates from ripping you off.

About Obsidian Protector

obsidian protector is a state-of-the-art executable protector for windows. there are three versions: community edition, pro, and commercial.

obsidian.st PGP Key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEaczwTBYJKwYBBAHaRw8BAQdAucjyQlvrOAHiQyMMf2FCkgPTf0n6IDkWwMei
LYulK7C0H29ic2lkaWFuLnN0KCk8aW5mb0BvYnNpZGlhbi5zdD6ItQQTFgoAXRYh
BPotBn54VXqCm5dLcEZ2ThVWOXhFBQJpzPBMGxSAAAAAAAQADm1hbnUyLDIuNSsx
LjEyLDAsMwIbIwUJAPFQjgULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRBG
dk4VVjl4RbAuAQCJwMUq3tdJlHgSSMW+9OTr/+1hz6ZoMwow7Z0WHh+b1QEAnbUr
rlzZ2fRCqjVHi7GgdgAaF83uGWUI+IKtXredRgu4OARpzPBTEgorBgEEAZdVAQUB
AQdAaQRGswhJd3ZXYh45OsxR1EaeFx79oRxj4ihrkufWFl4DAQgHiJoEGBYKAEIW
IQT6LQZ+eFV6gpuXS3BGdk4VVjl4RQUCaczwUxsUgAAAAAAEAA5tYW51MiwyLjUr
MS4xMiwwLDMCGwwFCQDxUIcACgkQRnZOFVY5eEV7egD+Ip9md9MptOPK1XouS+PT
YUcamT+PDoZ5fJ8nPKqzOqkBANdYNXUni8j9BCr0+ZCaXU0YgJClStn8Gs5Fsul6
8zkJ
=D1b/
-----END PGP PUBLIC KEY BLOCK-----

vertigo's PGP Key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEaUr9/RYJKwYBBAHaRw8BAQdAJyFooxMVenmj+oHMyHMfVsrEtmc0hJEx2yyy
lgemsvW0HnZlcnRpZ28oKTx2ZXJ0aWdvQG9ic2lkaWFuLnN0PoivBBMWCgBXFiEE
j2+nDE4lDethPeLQf/LJ5ckzMzMFAmnYv9cbFIAAAAAABAAObWFudTIsMi41KzEu
MTIsMCwzAhsjBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEH/yyeXJMzMz
DRkA/AzpstQRTTp90hhD9xhJeg96xEFNjaxMBAz1O1FJP8v0AP94vBwfhwwWOn/9
gd4ETISbAnC+FSPm0h6SxXXZkcOhB7g4BGlK/iESCisGAQQBl1UBBQEBB0AujQdg
+6iZ1P7M9Jj1JpEKv6n3UV6flAItpdK5Ax6CGwMBCAeIeAQYFgoAIBYhBI9vpwxO
JQ3rYT3i0H/yyeXJMzMzBQJpSv4hAhsMAAoJEH/yyeXJMzMz7WUBAK2wU34dSo39
6jaBva/foYiYLpDjf2ZQ/z3/BslGPOADAP0fiAnigFXOiQ7vHHhUd+Q8lWyzohxb
wLK0YYm9VnyaCg==
=MSyN
-----END PGP PUBLIC KEY BLOCK-----
          

Privacy Policy

your privacy is extremely important to us.

• this website does not contain any tracking cookies or scripts

• we do not require email to sign up

• your data is stored securely behind tor

• we accept payment in monero for enhanced anonymity

• monero transaction data is removed within 7 days

• no personal/license identifiers are in any packed executable

• you can delete your account at any time in settings tab

we do not collect any identifying data. additionally, our tor-over-clearnet architecture makes it difficult to enforce any warrants or compromise data we do collect.

Mission Statement

fundamentally, obsidian was created with the purpose of democratizing advanced software protection. our world is becoming more and more advanced by the day, and the majority of the benefits are going to those in positions of high power.

regular people and non-corporations are being priced out of markets from housing and agriculture, to fuel and groceries. the rich control everything, and they leave the rest of us with scraps.

obsidian exists for the people. by only accepting direct monero and litecoin, we do not participate in regular corporate banking. by connecting you to the backend via tor and not collecting any personally identifying data, we operate as an anonymized, yet accessible service.

as stated in our licenses, we do not do business with law enforcement or military, or anybody working for or under either. as part of our efforts to support the community, we also operate a high bandwidth tor middle relay as well as an i2p relay.

if you would like to donate to the cause, please use the following addresses:

xmr:

42BNJHeCdcZdKU7anbfPNsYyVo7ARCAN62eLqG86cEuYTbwbAEb5ko1QqjfHotJ3tViB5taKtVYcMBj59LZA21q64KfiDc5

ltc:

ltc1qu4y5lw2enh0gsf53etz3z54lca6866knpayxq9

FAQ

who is pro edition for?

pro edition is for developers, pentesters, security consultants, and anybody wanting to protect their code from analysis.

what payment methods do you accept?

we accept monero (xmr) and litecoin (ltc).

will anti-virus flag my packed executables?

obsidian uses advanced techniques to evade anti-virus detection, however some anti-virus may flag any packed executable simply for being packed.

can i transfer my license to another machine?

yes. each time you download a new copy of obsidian pro, it will automatically relink to the first machine the new copy runs on, invalidating the old copy.

what is the refund policy?

all purchases are non-refundable, unless you encounter a critical technical issue that we are unable to resolve. then you will be refunded up to 100% of the value.

what happens if i lose my account number?

if you have made a purchase with us, you can recover your account by contacting support and providing tx proof.

what kind of data do you collect?

we only collect data that is absolutely necessary to provide the service to you. we do not collect any personally identifying info and our database is AES-256 encrypted.

why do you use tor?

we use tor to provide anonymity for both the server and the user. accounts are tracked by account number and hwid hash rather than ip or personal info.

why do you use SPECK-128?

SPECK-128 is a lightweight block cipher designed by the NSA specifically optimized for performance in resource constrained environments. it uses a simple (yet secure) ARX (add-rotate-xor) set of operations that utilize native x64 cpu capabilities, thereby executing all 34 rounds at lightning speed without requiring specialized hardware acceleration like AES. SPECK is quoted to be up to 5x faster than AES while maintaining comparable cryptographic security.

i just checked the status page, it says tor is down... what's with that?

tor is inherently unstable as it involves constantly creating and killing tor circuits to the destination. any service that relies on tor has to manage the case of intermittent network failures. however, tor is also very resilient, and is very rarely unreachable for long. the status page updates every minute.

do you support arm64 executables?

partially. obsidian ce (community edition) fully supports arm64 executables, however obsidian pro only support x86_64 executables for now. we are working on bringing arm64 support to pro edition soon. obsidian pro is capable of packing on either architecture, given that the executable being packed is x86_64.

why do i get logged out whenever i reload the page?

this happens because we use websockets in order to facilitate communication directly with our backend (keykeeper) via tor without the user needing the tor browser. normal http is like sending letters signed with your name (cookie), whereas websockets are more like a phone call. this allow an interactive UI without reloading the page with every request.

what is the difference between community edition and pro?

community edition does not offer any protection beyond a custom xor algorithm. it is obfuscation, not encryption. pro edition uses NSA cipher SPECK with 128 bit key to protect your payload. pro also contains syscall anti-debug, anti-sandbox, hmac integrity checks, and ollvm-22 obfuscation.

what exactly stops someone from debugging/bypassing the protections of obsidian pro on my packed executables? how strong is the anti-debugging?

obsidian pro uses direct syscalls to detect both user-mode and kernel-mode debuggers, as well as tools that attempt to disguise the existence of a debugger like scyllahide. this works because syscalls bypass the user-mode hooks that these tools rely on to prevent detection.

how often is obsidian updated?

obsidian will be regularly updated to keep on top of av detection and to add new techniques and protections. everything from the packer, the website, the backend, the support, and the infrastructure is managed by a single developer. this means that updates can be released at the speed of thought, no deliberation required. if you need support, you can speak directly with me.

can i use my copy of obsidian to protect my friend's executables?

yes. while obsidian pro is cryptographically locked to a single machine, you are authorized by the license to pack any executable you like, including one developed by someone else, as long as you comply with the explicit terms of the license.

can i exclude certain parts of my executable from the protections introduced by obsidian pro?

no. obsidian pro packs and encrypts the entire executable including all resources, data, strings, and functions. this is deliberate in order to prevent data leakage that would weaken the packing protection. fortunately, obsidian pro fully restores all parts of the executable at runtime to ensure that this does not effect execution.

do i need an internet connection to use obsidian pro?

yes. an internet connection is required to pack an exe with obsidian pro as the decryption key for your copy of obsidian is stored in keykeeper, held behind tor. you do not need the tor daemon or the tor browser, as we have setup a dedicated subdomain on our website to route verification traffic through tor to the backend. crucially, executables packed with obsidian pro DO NOT need an internet connection to run, as they store the key locally in the file. obsidian pro packed exes do NOT have ANY networking capabilities aside from what is built into the payload.

uh oh. you said license verification happens over tor. does that mean i am going to be waiting forever to pack a single executable?

no. in fact, obsidian pro license verification generally takes 2-4 seconds to complete. in rare cases, it may take around 5-7 seconds to complete.

what do i do if my executable does not work after being packed with obsidian pro?

first, we suggest that you contact support at info@obsidian.st immediately. we will investigate the incompatibility and attempt to help you fix it. however, should it turn out that your executable is simply incompatible, and you no longer have any use for obsidian pro, we offer refunds of up to 100% of the license value, assuming you have tried in good faith to get it to work.

what happens if someone dumps the memory of my packed executable during runtime?

obsidian pro does not include anti-dumping protections as it is not designed to protect intellectual property, but rather to assist in signature evasion as well as static and dynamic analysis. if you need to protect intellectual property contained within the executable from dumping, then we suggest that you look into obsidian commercial.

what is commercial edition?

commercial edition is an unreleased version of obsidian protector that is still in the works. it will be for serious developers who want to protect their intellectual property and will include a full gui (graphical user interface) as well as custom licensing protections and advanced intellectual property protection. for more information about the unreleased obsidian commerical, contact info@obsidian.st.

Changelog

version release: ce_v1.3

• ARM64 now fully supported (new stub variant)

• packer now automatically detects architecture

• import resolution now only walks the export table once (optimization)

• new stub handles ARM64 specific relocations (ASLR supported)

version release: pro_v1

version release: ce_v1.2

• adjusted colors to match web

• compiled stub with llvm/clang instead of gcc

• aggressive size optimization (38.1% size reduction)

version release: ce_v1.1

• improved xor algorithm (up to 140% higher entropy)

• hash-based imports (no more strings in packed exe)

version release: ce_v1

Roadmap:

Q1 2026

• create and release a working xor pe packer for free complete

• build a more advanced version of the same packercomplete

• final polishing on pro versioncomplete

Q2 2026

• finalize obsidian pro licensing protectionscomplete

• setup tor-over-clearnet backendcomplete

• open obsidian.st for businesscomplete

• add support for arm64 to cecomplete

• add support for arm64 to pro editionin-progress

Q3 2026

• add support for pyinstallerin-progress

• start work on obsidian commercialin-progress

• keep obsidian updated to stay ahead of av detectionongoing

community edition license:

ANTI-CAPITALIST SOFTWARE LICENSE (v 1.4 modified)

Copyright (c) 2026 vertigo

This is anti-capitalist software, released for free use by individuals and organizations that do not operate by capitalist principles.

Permission is hereby granted, free of charge, to any person or organization (the "User") obtaining a copy of this software and associated documentation files (the "Software"), to use, copy, modify, merge, and/or distribute copies of the software, subject to the following conditions:

1. The above copyright notice and this permission notice shall be included in all copies or modified versions of the Software.

2. The User is one of the following:
  a. An individual person, laboring for themselves
  b. A non-profit organization
  c. An educational institution
  d. An organization that seeks shared profit for all of its members and/or gives all its members equal voting rights

3. If the User is an organization, then the User is not law enforcement or military, or working for or under either.

4. If the Software is being distributed, it is being distributed for free and not for-profit.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT EXPRESS OR IMPLIED WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

pro and commercial edition license:

END-USER LICENSE AGREEMENT
This End-User License Agreement (EULA) is a legal agreement between you (either as an individual or on behalf of an entity) and vertigo regarding your use of obsidian.exe's desktop application, and associated documentation (the "Software"). IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS EULA, DO NOT INSTALL, USE OR COPY THE SOFTWARE.
Summary

You must agree to all of the terms of this EULA to use this Software.
The Software automatically communicates with its server for one purpose: confirming the License integrity is upheld.
This Software is provided "as-is" with no warranties, and you agree that vertigo is not liable for anything you do with it.

Agreement
By downloading, installing, using, or copying the Software, you accept and agree to be bound by the terms of this EULA. If you do not agree to all of the terms of this EULA, you may not download, install, use or copy the Software.
License
Copyright (c) 2026 vertigo
This EULA entitles you to install as many copies of the Software as your subscription allows. This software is licensed, not sold. vertigo reserves all other rights not granted by this EULA.
Restrictions

1. You may not distribute obsidian pro to anybody else. Your copy is directly linked to your Hardware Identifier and your License ID. You can transfer the product to another person/machine on the web portal.

2. You may not modify obsidian pro in any way. Any attempt to bypass the Licensing protections will result in immediate license termination and potential legal action.

3. Law enforcement or military, or anybody working for or under law enforcement or the military are not permitted to use, purchase, or subscribe to this product.

Privacy Notices
The Software automatically communicates with its server for one purpose: confirming the License integrity is upheld. We do not collect any telemetry or usage data aside from your License ID, your Allowed Usage Time, your Hardware Identifier, your IP Address, and the Date/Time of access.
We do not share any of your personal data with external entities aside from three specific scenarios:
1. You use the software to protect executables that assist in the distribution, storing, or access of CSAM.

2. You use the software to protect executables that compromise the integrity of Hospitals, Power Grids, and other essential services.

3. You use the software to protect executables that aid in the stalking and harassment of an intimate partner.

Your License will be immediately terminated if you engage in any of the above actions.
To protect your data from leaking, your data is held and processed behind the Tor Anonymity Network. Additionally, there is no personal or License identifier placed into the final Packed Executable. If you would like to learn more about the specific information we collect, please visit the privacy policy found on the about tab.
Source Available Licenses
Certain components of the Software may be subject to the Anti-Capitalist Software License, which means that they can be modified and distributed freely by certain people, detailed in the terms of the License.
To the extent there is conflict between the license terms covering the ACSL Components and this EULA, the terms of ACSL License will override the restrictions of this EULA.
ACSL v1.4 Components:
Obsidian Community Edition
Obsidian KeyKeeper

Payment Policy:
We accept payment in Monero (XMR) to protect the privacy of our customers. We also accept Litecoin (LTC).

Exchanges that list Monero (XMR):

https://stealthex.io

https://trocador.app


To get LTC (recommended) or BTC to exchange for Monero (XMR):
Buy BTC/LTC with card, then swap to XMR with one of the above exchanges.

https://www.moonpay.com (recommended)

https://coinbase.com

Where to find more exchanges:
https://kycnot.me/
Refunds:
All transactions made under this agreement are non-refundable unless you encounter a critical technical issue with obsidian.exe that we cannot resolve. In this situation, we will terminate your License and refund you up to 100% of value.
Updates:
You will receive access to new updates as they become available for the duration of your subscription.
Intellectual Property Notices
The Software and all worldwide copyrights, trade secrets, and other intellectual property rights therein are the exclusive property of vertigo. vertigo reserves all rights in and to the Software not expressly granted to you in this EULA.
Disclaimers and Limitations on Liability
THE SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, AND NO WARRANTY, EITHER EXPRESS OR IMPLIED, IS GIVEN. YOUR USE OF THE SOFTWARE IS AT YOUR SOLE RISK. vertigo does not warrant that (i) the Software will meet your specific requirements; (ii) the Software is fully compatible with any particular platform; (iii) your use of the Software will be uninterrupted, timely, secure, or error-free; (iv) the results that may be obtained from the use of the Software will be accurate or reliable; (v) the quality of any products, services, information, or other material purchased or obtained by you through the Software will meet your expectations; or (vi) any errors in the Software will be corrected.

YOU EXPRESSLY UNDERSTAND AND AGREE THAT vertigo SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER INTANGIBLE LOSSES (EVEN IF vertigo HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES) RELATED TO THE SOFTWARE, including, for example: (i) the use or the inability to use the Software; (ii) the cost of procurement of substitute goods and services resulting from any goods, data, information or services purchased or obtained or messages received or transactions entered into through or from the Software; (iii) unauthorized access to or alteration of your transmissions or data; (iv) statements or conduct of any third-party on the Software; (v) or any other matter relating to the Software.

vertigo reserves the right at any time and from time to time to modify or discontinue, temporarily or permanently, the Software (or any part thereof) with or without notice. vertigo shall not be liable to you or to any third-party for any modification, price change, suspension or discontinuance of the Software.

Log In

account number:

password:

or register

Register

password:

confirm password:

already have an account? login

Account Created

your account number:

save this number - you will need it to log in

Source Available

obsidian community edition is a custom universal PE packer and executable protector written in C.

the community edition packer uses the enhanced xorshift+ algorithm to obfuscate your payload with extremely high entropy. there is also a template available in the repo that you can fill in with your own custom code.

obsidian keykeeper is the online key provisioning and license management server that you interact with in the transactions tab. it sits behind tor and processes payments and license provisioning in real-time through a proxy located on the server running this website. this allows you, the client to directly access the hidden service backend through the clearnet.

this is anti-capitalist software, released for free use by individuals and organizations that do not operate by capitalist principles.

Contact

for feedback, support, or enquiries:

email address: info@obsidian.st

signal: vertigo.66

Pro Edition

obsidian pro protects your payloads from both automated and human-lead analysis using multiple vectors.

Purchase License

obsidian pro license: $60 USD

length: 6 months

users-per-license: 1

license: see EULA

for commercial edition click here

Purchase License

obsidian commercial license: $200 USD

length: 6 months

users-per-license: 20

license: see EULA

Payment Method - currently only accepting litecoin and monero

monero (anonymous) litecoin (fast)

Monero Payment

terms and conditions:

• you will be issued the license after 10 confirmations

• you must send the exact amount required

• all payments are non-refundable, see terms

• payment information is private and anonymous

• addresses are valid for 24 hrs

click below to start a new monero transaction

click here to view ongoing transaction

max 1 transaction per hour

Litecoin Payment

terms and conditions:

• you will be issued the license after 6 confirmations

• you must send the exact amount required

• all payments are non-refundable, see terms

• payment information is visible on the blockchain

• addresses are valid for 24 hrs

click below to start a new litecoin transaction

click here to view ongoing transaction

max 1 transaction per hour

Pro Features

• SPECK 128/128 CTR encryption

• aPlib compression

• resource encryption

• extensive syscall anti-debug (--ultra)

• anti-sandbox

• CBC-MAC integrity checks

• hidden import table

• ollvm-22 obfuscated

How It Evades

obsidian pro uses many techniques to avoid anti-virus detection. among them are:

• encrypting the payload with SPECK-128 cipher

• avoiding the use of rwx memory

• avoiding classic loader patterns (sgn loaders, donut, etc)

• importing all required apis with hashes instead of strings

• using direct syscalls to evade user-mode hooks

• fully supporting ASLR

• recalculating the checksum for the packed file

• using ollvm-22 obfuscation for critical components

Manage License

license id:

time remaining:

license type:

linked hwid:

Download

warning: this product will cryptographically bind to the first machine it runs on

loading...

History

Balance

monero balance: 0.00000000 XMR

litecoin balance: 0.00000000 LTC

usd credits: $0.00 USD

Withdraw

address:

Withdrawing

broadcasting transaction...

Deposit Credit

once your license time is up, any funds in your account will be used to extend them at ~14c an hour.

deposit using:

Add Monero

amount:

Add Litecoin

amount:

Profile

account number:

license:

manage license

Settings

change password

delete account

Change Password

current password:

new password:

Delete Account

enter password to confirm:

• any licenses you have will be terminated

• any crypto you haven't withdrawn will be forfeited to us

• your data is removed immediately from the database

• once you press delete, your profile will be irrecoverable

Delete Account

deleting account...