Tigress is a diversifying virtualizer/obfuscator for the C language that supports many novel defenses against both static and dynamic reverse engineering and de-virtualization attacks.

In particular, Tigress protects against static de-virtualization by generating virtual instruction sets of arbitrary complexity and diversity, by producing interpreters with multiple types of instruction dispatch, and by inserting code for anti alias analysis. Tigress protects against dynamic de-virtualization by merging the real code with bogus functions, by inserting implicit flow, and by creating slowly-executing reentrant interpreters. Tigress implements its own version of code packing through the use of runtime code generation. Finally, Tigress' dynamic transformation provides a generalized form of continuous runtime code modification.

  • Tigress v 2.1 is now available for download! New features include experimental support for ARM v7 (Raspberry Pi) and dynamic obfuscation of virtualized code. Also included is a large test suite that can test the installation. See "tigress --test" for instructions.
  • Jonathan Salwan solved some of our challenges!
  • Sebastian Millius solved challenge 0000!
  • The slides from my Eurocrypt 2016 invited talk are here. The talk itself is here.
  • Our paper Code Obfuscation Against Symbolic Execution Attacks (Sebastian Banescu, Christian Collberg, Vijay Ganesh, Zack Newsham, Alexander Pretschner) won the Outstanding Paper Award at ACSAC'16!


Tigress is a source-to-source transformer built in OCaml on top of CIL and MyJit:

Tigress supports all of the C99 language, including gcc extensions. The source-to-source design means that the transformed code can be easily examined, which is useful in a pedagogical setting. Also, Tigress' output, once compiled and stripped of symbols, is a good target for reverse engineering and de-virtualization exercises. Tigress' design is similar to that of commercial tools, such as Cloakware/IRDETO's C/C++ Transcoder.

The user interacts with Tigress by giving an input C file, a seed, and a sequence of transformations:



Tigress supports three major transformations:

In addition, Tigress has a collection of supporting transformations that can help with resilience to attack, diversity, and stealth:

Tigress also supports three transformations designed to thwart particular static and dynamic analyses:



Tigress is designed such that, from a single source program, it is possible to generate large numbers of highly diversified variants. This diversity is both static and dynamic, i.e. two variants will differ both in their machine code and in the resulting instruction traces. In essence, every decision Tigress makes is dependent on a randomization seed, controllable by the user. There are two major sources of diversity:



Research: Tigress was originally designed as the backend of a system for remote attestation. The idea was to force rapid updates to the code running on an untrusted remote site in order to increase the workload of the attacker who has to crack, and re-crack, the code as it is constantly updated.

Other applications of Tigress include:

Benchmarking: We are planning to use Tigress to generate collections of software protection benchmark programs. These will provide the community with randomly generated attack targets to form a basis for uniform and generally accepted evaluation procedures for software protection algorithms. In particular, we are hoping future de-virtualization research projects will use Tigress-generated interpreters as one of their attack targets.

Challenges: To stimulate reverse engineering research, we are publishing sets of challenge problems generated by Tigress. Prizes will be awarded to those who are first to crack.

Education. In our classes we use Tigress to generate reverse engineering exercises and take-home exams for the students. We use Tigress' RandomFuns transformation to generate a unique random program for every student in the class and protect it using some appropriate combination of transformations. The difficulty of the exercises can be easily varied by picking different sequences of transformations, and, since diversity guarantees that every program instance is unique, cheating is made more difficult.