A tool for making python source difficult to read.

Overview

obscurepy

Build Status codecov

Description

A tool for obscuring, or making python source code difficult to read.

Table of Contents

  1. Installation
  2. Limitations
  3. Usage
  4. Disclaimer
  5. License

Installation

This command will install obscurepy:

python -m pip install obscurepy

I would recommend installing it in a virtual environment as opposed to globally:

python -m venv venv
source venv/bin/activate
python -m pip install obscurepy

Limitations

As this program is still in active development, there are many limitations. Below are some examples of what obscurepy can do. If it isn't in the example, obscurepy probably can't do it. This example serves to represent the ablities of each release. This example should be functional, both the original source and obscured source should execute.

An example:

class FirstClass:
    pass


class SecondClass(FirstClass):
    # this is a comment
    class_variable = 6

    def __init__(self, param_1):
        self.my_property = param_1

    def class_function(self, param_1, param_2):
        self.prop_1 = param_1
        self.prop_2 = param_2


def first_function():
    def with_another():
        c = 42
        return c
    return with_another()

def second_function(param_1, param_2, param_3):
    d = 'string'
    return d + str(param_1)

def third_function():
    e = 100.0
    return e

a = FirstClass()

b = SecondClass(1)

print(first_function())

print(second_function(1, 2, 3))

print(third_function())

a = SecondClass(1)

a.class_function(1, 2)

first_function()
class _0x3fe:
    pass

class _0x452(_0x3fe):
    _0x5bb = int('0x6', 16)

    def __init__(_0x1aa, _0x2a1):
        _0x1aa._0x4ca = _0x2a1

    def _0x5db(_0x1aa, _0x2a1, _0x2a2):
        _0x1aa._0x251 = _0x2a1
        _0x1aa._0x252 = _0x2a2

def _0x5ed():

    def _0x50c():
        _0x63 = int('0x2a', 16)
        return _0x63
    return _0x50c()

def _0x641(_0x2a1, _0x2a2, _0x2a3):
    _0x64 = ''.join([chr(x) for x in [115, 116, 114, 105, 110, 103]])
    return _0x64 + str(_0x2a1)

def _0x5e0():
    _0x65 = float.fromhex('0x1.9000000000000p+6')
    return _0x65
_0x61 = _0x3fe()
_0x62 = _0x452(int('0x1', 16))
print(_0x5ed())
print(_0x641(int('0x1', 16), int('0x2', 16), int('0x3', 16)))
print(_0x5e0())
_0x61 = _0x452(int('0x1', 16))
_0x61._0x5db(int('0x1', 16), int('0x2', 16))
_0x5ed()

Usage

The following command can be used to obscure a single file:

obscure --filepath=my_module.py

The following command can be used to obscure a multi file project:

obscure --project_dir=my_project

Alternatively, you can specify an output directory for both single file and multi file obscuring:

obscure --filepath=my_module.py --output_dir=desired_output_directory
obscure --project_dir=my_project --output_dir=desired_output_directory

Disclaimer

Obscurepy is no substitution for standard security practices. Obscurepy will not protect your code, nor will it protect the constants within your code. Python is an interpreted language and by nature anyone with access to your source code can reverse engineer it or simply extract any constant replacement to determine the value. Obscurepy is not meant to be used with security in mind. Obscurepy can make your source code difficult to read and it may deter people from trying. It will not stop any determined person from figuring out what your code does. I suggest looking into PyArmor if a more sophisticated method of obfuscation is required.

License

MIT License

Copyright (c) 2021 Andrew Christiansen

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE

You might also like...
Scout Suite - an open source multi-cloud security-auditing tool,
Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface
labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool
Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

loggef Facebook automation tool, Facebook account hacking and cloning advanced tool + dictionary attack added Warning Use this tool for educational pu

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting.🎭

This is A Python & Bash Programming Based Termux-Tool Created By CRACKER911181. This Tool Created For Hacking and Pentesting. If You Use This Tool To Evil Purpose,The Owner Will Never be Responsible For That.

A tool to brute force a gmail account. Use this tool to crack multiple accounts
A tool to brute force a gmail account. Use this tool to crack multiple accounts

A tool to brute force a gmail account. Use this tool to crack multiple accounts. This tool is developed to crack multiple accounts

A python package with tools to read and postprocess the output of the channel DNS-solver (davecats/channel), as well as its associated postprocessing tools.

Python tools for davecats/channel A python package with tools to read and postprocess the output of the channel dns solver, as well as its associated

Andrea Andreolli 1 Dec 13, 2021
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

Podalirius 48 Dec 3, 2022
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).

CVE-2021-43798 – Grafana Exploit About This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798

Pedro Havay 12 Nov 18, 2022
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

null 136 Dec 13, 2022
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p

null 2.4k Jan 7, 2023
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
Open Source Tool - Cybersecurity Graph Database in Neo4j

GraphKer Open Source Tool - Cybersecurity Graph Database in Neo4j |G|r|a|p|h|K|e|r| { open source tool for a cybersecurity graph database in neo4j } W

Adamantios - Marios Berzovitis 27 Dec 6, 2022
Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg

m4ll0k (mallok) 1.8k Jan 4, 2023