Debloat

Latest version: v1.6.2

Safety actively analyzes 714860 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 5

1.5.1

- Made modifications recommended by gdesmar for memory improvements.
- Added the ability to pass the size of the file to the process_pe method
- This reduces memory usage to calculate the length
- Bug fixes suggested by gdesmar such as passing the correct object type
- New compression algorithim implemented
- See https://github.com/Squiblydoo/debloat/pull/18 to learn more about performance enhancements.
- Implemented the optional "beginning_file_size" parameter for "process_pe" in both main.py and gui.py
- Fixed typecasting bug introduced in 1.5.0 in relation to the "write_multiple_files" method

1.5.0

- Added capability to handle Nullsoft Scriptable Install System (NSIS, aka Nullsoft) executables.
- Setup instructions and binaries are extracted from the Nullsoft installer to a separate directory.
- At this time, the user needs to resubmit files if they are bloated. Currently, debloat has no way of determining which files are malicious.

- Fully renamed "Unsafe" Processing to "last_ditch_processing"
- Last ditch better represents its purpose.
- "Unsafe" is a name that is often used in the context of untrusted code.
- Fixed inconsistency in naming of "last ditch processing"

- Adjusted how debloat determines if junk was removed or not:
- Previously, it could think junk removed if 1 or more bytes were removed or if only the signature was removed.
- Now debloat checks for a 10% removal at the least

- Updated documentation regarding Linux build command.
- This had been updated elsewhere, but the update had not made it to the README

1.4.3

- Fixed a logic bug where debloating a section did not debloat the proper section.
- This worked previously when the bloated section was the last section
- Finished a TODO item: namely, change all the offsets in the sections when the bloated section wasn't the last section of the binary.

1.4.2

- Added checkbox for unsafe processing in GUI
- Moved RSRC class out of processor into utilities
- Fixed bug where chunk_start could fail to be given a value with the result that the program would stop functioning but not inform the user. Better error handling in this case to come.

1.4.1

- Fixed loading PE in GUI

1.4.0

- Fixed headers in a few use cases where I had missed them before.
- Fixed removing resource method. Works properly now.
- Fixed instance where the dynamic trim regex could pick up illegal characters
- Now last_loads PE for better loading time.
- Now manipuates PE data in the buffer.

Page 4 of 5

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.