-
-
Notifications
You must be signed in to change notification settings - Fork 0
Security
FullStackHero edited this page Aug 3, 2025
·
1 revision
This document explains how the VirusTotal File Scanner is protected at runtime and what measures are taken to prevent tampering, unauthorized use, or reverse engineering.
The main application logic in app.py is encrypted using PyArmor β a commercial-grade code obfuscator and runtime protector for Python.
-
app.pyis not readable or executable on its own - At runtime, it is decrypted and executed using
pyarmor_runtime.pyd - Without
pyarmor_runtime.pyd, the app will not run
This is a binary runtime loader used to decrypt and run PyArmor-encrypted scripts.
- Platform-specific (Windows/Linux/macOS)
- Must remain in:
pyarmor_runtime_000000/ - Do not rename, remove, or edit this file
If this file is missing, users will get:
RuntimeError: this script is encrypted by pyarmor, but no runtime library is foundSince the logic is encrypted:
- Source code is protected from inspection or modification
- Logic cannot be modified or bypassed at runtime
- Attempts to patch or alter the runtime will cause failure
For security-sensitive tools like a VT scanner:
- Itβs important that the logic cannot be altered or misused
- Encryption ensures that no API key harvesting, logic changes, or unauthorized debugging is possible
- Always include the full folder:
pyarmor_runtime_000000/ - Include:
__init__.pypyarmor_runtime.pyd
- Avoid uploading the unencrypted
app.pyor exposing build internals
No, not without serious effort:
- The Python bytecode is encrypted
- The runtime is native compiled
- Tools like
uncompyle6do not work on encrypted.pyc
- PyArmor is not a cryptographic tool β it protects structure, not secrets
- Do not embed API keys or secrets in encrypted
app.pyβ useconfig.pyinstead
- Encrypted with PyArmor
- Relies on
pyarmor_runtime.pydto execute - Designed to prevent unauthorized access to internal logic
- Can be safely distributed to users without exposing core functionality