惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

雷峰网
雷峰网
Security Archives - TechRepublic
Security Archives - TechRepublic
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Last Week in AI
Last Week in AI
博客园 - 司徒正美
阮一峰的网络日志
阮一峰的网络日志
WordPress大学
WordPress大学
爱范儿
爱范儿
J
Java Code Geeks
T
Tailwind CSS Blog
Apple Machine Learning Research
Apple Machine Learning Research
人人都是产品经理
人人都是产品经理
宝玉的分享
宝玉的分享
博客园 - 【当耐特】
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Help Net Security
Help Net Security
Hacker News: Ask HN
Hacker News: Ask HN
月光博客
月光博客
S
Secure Thoughts
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
博客园 - 聂微东
Hugging Face - Blog
Hugging Face - Blog
V
Visual Studio Blog
博客园 - 三生石上(FineUI控件)
O
OpenAI News
酷 壳 – CoolShell
酷 壳 – CoolShell
N
News and Events Feed by Topic
腾讯CDC
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Webroot Blog
Webroot Blog
博客园 - Franky
有赞技术团队
有赞技术团队
美团技术团队
Jina AI
Jina AI
S
Security @ Cisco Blogs
博客园 - 叶小钗
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园_首页
C
CERT Recently Published Vulnerability Notes
T
Threat Research - Cisco Blogs
Project Zero
Project Zero
A
Arctic Wolf
大猫的无限游戏
大猫的无限游戏
Latest news
Latest news
小众软件
小众软件
IT之家
IT之家
S
Security Affairs

TrustedSec

CMMC is (Not) Cancelled Pandora’s Container Part 1: Unpacking Azure Container Security Vulnify: Giving Your Agents a CVE Brain Inheriting the Receipts: Securing the AI Your Company Already Adopted Large Workflows with Local LLMs Modern Web Application Content Discovery JQ for Hackers JS-Tap v3: Endpoint Post-Exploitation With JavaScript Implants Hardening Intune: The Implementation Guide How to Train Your (Dragons) Analysts - A TrustedSec Guide to Picking… The Privileged Roles Nobody Talks About CMMC Conditional Status - Contracting Without Compliance PCI DSS, Telephone Payments, and the Problems With VoIP Shai-Hulud Is Back, and This Time It Ate the Whole Ecosystem Coverage-Driven Sustained Testing (CDST): A Graph-Oriented Model for… Finding Your Way on the Passkey Path Slamming the Door on Quick Assist Tech Support Scams and Abuse GRC in an AI World - Staying in the Fast Lane Without Losing the Race! The Defensive Stack is Exposed: LLMs, Reverse Engineering, and the… ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution… Kerberos with Titanis Mythos, Memory Loss, and the Part InfoSec Keeps Missing Dungeons and Daemons Benchmarking Self-Hosted LLMs for Offensive Security IAM the Captain Now – Hijacking Azure Identity Access Building a Detection Foundation: Part 5 - Correlation in Practice Reduce Repetition and Free up Time With Mobile File Extractor Policy as Code: Stop Writing Policies and Start Compiling Them Building a Detection Foundation: Part 4 - Sysmon Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found Better Together: Combining Automation and Manual Testing LnkMeMaybe - A Review of CVE-2026-25185 Building a Detection Foundation: Part 3 - PowerShell and Script… Building a Detection Foundation: Part 2 - Windows Security Events
Welcoming ObfusGit
Kevin Haubri · 2026-07-07 · via TrustedSec
Ever want to share your code online but wanted to keep AI companies and other mass consumers of online source code from being able to easily scrape your code to train their models or know what the code really has in it?

Well, if you answered yes to either of those, I got the project for you!

ObfusGit is a basic python script that allows you to set up a local repo and commit to it as usual, then you can run “obfusgit sync” and you have a fully encrypted/encoded copy of your repo you can just push up to a public location.

Why Does This Exist?

A coworker and I were joking one day about how to obfuscate public repos to make it more difficult for scrapers from knowing what’s in the codebase. I thought that this would be pretty easy. So easy, in fact, a local LLM could do it. So, I decided that I would give it the requirements with basic specs and see what happens. An hour later, we have a basic python script that achieves most of the goals. Basically, you use your Git repo as is, then once you decide you want to push it out to the public, you can just run obfusgit setup-repos --privateRepo /path/to/repo/ --encryptionKey YourSharedKey. This will then set up the repo with a copy of obfusgit in the root directory and the public repo folder,`.obfusgit-public`, that you can add remote origin and push from, and the config file with your encryption key. Once uploaded, someone can just clone the repo and run obfusgit reverse-repos --publicRepo /path/to/clonedRepo/ --privateRepoName clonedRepo_Plaintext --encryptionKey YourSharedKey and boom! That folder will be created and you will be able to see the actual project code.

How to Use

There are three steps you first need to setup the repo, you do this by running setup-repo pointing at a Git repo. This sets up the Git hooks and copies obfusgit.py to the base directory. You also need to have python3 installed, because the Git hook calls the obfusgit script with python3 every commit.

Figure 1 - Example of Setup

Once that’s done, you can set the remote origin for the public repo in .obfusgit-public/ and push up. Then, you can clone it down like simulated here. One thing to note is that if you setup-repos in an in-use repository, you need to run “sync” once after setup to get the public repo setup.

Figure 2 - Example Cloning repo and Showing Obfuscated Content

Once cloned, you obviously can’t see the actual contents. to reverse it back to plaintext, you just run “reverse-repos” like below.

Figure 3 - Example of Reversing the repo Back to Plaintext

The final piece of this is to figure out how to distribute the encryption key that you setup. This will have to be an accompanying blog post, Tweet, or something accessible, but not directly from the Git repo.

Conclusion

Please keep in mind that ObfusGit was built quickly using a local AI model and has only been quickly tested so don’t be surprised if there are issues. Additionally, this is not meant for projects where you are expecting to be tracking actual changes. Any file that is modified and committed will end up being re-encrypted and encoded constantly. The private history isn’t preserved in the public repo, so this is meant mostly for static projects.

ObfusGit is extremely minimal and I don’t have any plans to expand on it for now. One of the biggest limitations is that the entire commit history is lost across cloning and decoding process. Another one is that the private commits aren’t being maintained in the public repo. If anyone wants to expand this feel free! Merge requests are always welcome.