jaws icon indicating copy to clipboard operation
jaws copied to clipboard

Published 20 hours ago verified publisher icon lawndoc

Metadata

Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

Jaws Logo

Jaws is an invisible interpreted programming language that was created for antivirus research. Since Jaws code is composed entirely of whitespace characters, it can easily coexist with other programming languages to create polyglot code.

The research behind Jaws aims to build awareness that unknown interpreters can be dangerous. Behavior based detection is becoming the gold standard -- even AI-based static models can only detect the types of threats they've been trained on. You could add signatures for Jaws, but nothing is stopping an advanced attacker from reproducing their own version of this in a different way. When the "code" of the malware is completely unreadable but can execute anyways, it exploits a fundamental flaw in the foundation of static analysis tools. To read more about Jaws and why it was created, please refer to my blog post or my undergrad honors thesis.

Tools for developing Jaws programs can be found in the various directories of this repository.

Install

You can install all the programs by running the following command in the top level directory:

$ make && make install <-- (you will be prompted for your sudo password)

Tools

jaws

Jaws virtual machine

Jaws is an interpreted language, so a virtual machine has been created to run Jaws programs. The virtual machine source code and language specification for Jaws can be found in the jawsVM directory.

finc

Fin-to-Jaws compiler

Because Jaws instructions are entirely composed of invisible characters, a visible version of Jaws, called Fin, has been created. Fin allows you to write Jaws programs in a visible, human-debuggable fashion. Once you have written a Fin program, you can compile it to Jaws using the 'finc' compiler. The compiler source code and language specification for Fin can be found in the finCompiler directory.

Roadmap

LLVM Target

Jaws backend

Eventually, I'd like to get Jaws to the point where it can be used as an LLVM backend target with the intention of being able to compile C to Jaws. That would make Jaws development a breeze.

Code Injection

Jaws injector

I want to create a tool that can take Jaws code and inject it into many different file types including:

  • non-whitespace controlled file formats
    • C, Java, etc.
    • markup files
    • text files
  • whitespace controlled file formats
    • Python, etc.
  • image files
    • JPG, PNG, GIF, etc.

Metadata

231
Stars
9
Forks
Watchers

Owner

verified publisher icon lawndoc

Metadata

Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

Back