{"id":13537710,"url":"https://github.com/bashfuscator/bashfuscator","last_synced_at":"2025-10-04T05:28:27.538Z","repository":{"id":45213321,"uuid":"143474604","full_name":"Bashfuscator/Bashfuscator","owner":"Bashfuscator","description":"A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.","archived":false,"fork":false,"pushed_at":"2023-09-05T10:40:25.000Z","size":2211,"stargazers_count":1790,"open_issues_count":17,"forks_count":189,"subscribers_count":31,"default_branch":"master","last_synced_at":"2025-07-12T03:02:41.909Z","etag":null,"topics":["bash","blue-team","evasion","incident-response","infosec","linux","linux-shell","obfuscation","red-team"],"latest_commit_sha":null,"homepage":"https://bashfuscator.readthedocs.io/en/latest/index.html","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Bashfuscator.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-08-03T21:25:22.000Z","updated_at":"2025-07-12T01:51:59.000Z","dependencies_parsed_at":"2024-01-07T13:04:39.593Z","dependency_job_id":"96f9d2b6-c4b2-4a7f-bb9f-0df4f6b696c8","html_url":"https://github.com/Bashfuscator/Bashfuscator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Bashfuscator/Bashfuscator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bashfuscator%2FBashfuscator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bashfuscator%2FBashfuscator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bashfuscator%2FBashfuscator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bashfuscator%2FBashfuscator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Bashfuscator","download_url":"https://codeload.github.com/Bashfuscator/Bashfuscator/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bashfuscator%2FBashfuscator/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278267342,"owners_count":25958828,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","blue-team","evasion","incident-response","infosec","linux","linux-shell","obfuscation","red-team"],"created_at":"2024-08-01T09:01:02.557Z","updated_at":"2025-10-04T05:28:27.479Z","avatar_url":"https://github.com/Bashfuscator.png","language":"Python","readme":"![Bashfuscator logo](img/bashfuscator_logo.png)\n\n# Bashfuscator\n\n[Documentation](https://bashfuscator.readthedocs.io/en/latest/index.html)\n\n## What is Bashfuscator?\n\nBashfuscator is a modular and extendable Bash obfuscation framework written in Python 3. It provides numerous different ways of making Bash one-liners or scripts much more difficult to understand. It accomplishes this by generating convoluted, randomized Bash code that at runtime evaluates to the original input and executes it. Bashfuscator makes generating highly obfuscated Bash commands and scripts easy, both from the command line and as a Python library.\n\nThe purpose of this project is to give Red Team the ability to bypass static detections on a Linux system, and the knowledge and tools to write better Bash obfuscation techniques.\n\nThis framework was also developed with Blue Team in mind. With this framework, Blue Team can easily generate thousands of unique obfuscated scripts or commands to help create and test detections of Bash obfuscation.\n\n### Media/slides\n\nThis is a list of all the media (i.e. youtube videos) or links to slides about Bashfuscator.\n\n- [Bsides Charm](https://www.youtube.com/watch?v=zef422NDmpo)\n\n### Payload support\n\nThough Bashfuscator does work on UNIX systems, many of the payloads it generates will not. This is because most UNIX systems use BSD style utilities, and Bashfuscator was built to work with GNU style utilities. In the future BSD payload support may be added, but for now payloads generated with Bashfuscator should work on GNU Linux systems with Bash 4.0 or newer.\n\n## Installation \u0026 Requirements\n\nBashfuscator requires Python 3.6+.\n\nOn a Debian-based distro, run this command to install dependencies:\n\n`sudo apt-get update \u0026\u0026 sudo apt-get install python3 python3-pip python3-argcomplete xclip`\n\nOn a RHEL-based distro, run this command to install dependencies:\n\n`sudo dnf update \u0026\u0026 sudo dnf install python3 python3-pip python3-argcomplete xclip`\n\nThen, run these commands to clone and install Bashfuscator:\n\n```bash\ngit clone https://github.com/Bashfuscator/Bashfuscator\ncd Bashfuscator\npython3 setup.py install --user\n```\n\nOnly Debian and RHEL based distros are supported. Bashfuscator has been tested working on some UNIX systems, but is not supported on those systems.\n\n## Example Usage\n\nFor simple usage, just pass the command you want to obfuscate with `-c`, or the script you want to obfuscate with `-f`.\n\n```bash\n$ bashfuscator -c \"cat /etc/passwd\"\n[+] Mutators used: Token/ForCode -\u003e Command/Reverse\n[+] Payload:\n\n   ${@/l+Jau/+\u003cb=k } p''\"r\"i\"\"n$'t\\u0066'  %s  \"$(      ${*%%Frf\\[4?T2   }  ${*##0\\!j.G }   \"r\"'e'v \u003c\u003c\u003c '   \"} ~@{$\"   \")  }  j@C`\\7=-k#*{$   \"}   ,@{$\"  ; }  ;   } ,,*{$  \"}]  }   ,*{$  \"}   f9deh`\\\u003e6/J-F{\\,vy//@{$\" niOrw$   } QhwV#@{$ [NMpHySZ{$\"  s%  \"f\"'\"'\"'4700u\\n9600u\\r'\"'\"'$p  {   ;  }  ~*{$  \"}  48T`\\PJc}\\#@{$\"   1#31  \"}  ,@{$\"   }  D$y?U%%*{$ 0#84  *$   }   Lv:sjb/@{$   2#05   }   ~@{$   2#4   }*!{$  }   OGdx7=um/X@RA{\\eA/*{$ 1001#2   }   Scnw:i/@{$  } ~~*{$  11#4   \"} O#uG{\\HB%@{$\"   11#7 \"} ^^@{$\"  011#2   \"}   ~~@{$\" 11#3 }  L[\\h3m/@{$  \"}   ~@{$\" 11#2 }  6u1N.b!\\b%%*{$   }   YCMI##@{$   31#5 \"} ,@{$\" 01#7  }  (\\}\\;]\\//*{$ }   %#6j/?pg%m/*{$   001#2  \"}  6IW]\\p*n%@{$\"   }  ^^@{$ 21#7  } !\\=jy#@{$  }   tz}\\k{\\v1/?o:Sn@V/*{$  11#5   ni   niOrw  rof ;   \"}   ,,@{$\"  } MD`\\!\\]\\P%%*{$   )  }@{$   a   }  ogt=y%*{$ \"@$\" /\\   }   {\\nZ2^##*{$    \\   *$  c  }@{$  }   h;|Yeen{\\/.8oAl-RY//@{$   p  *$  \"}@{$\"  t   }  zB(\\R//*{$  } mX=XAFz_/9QKu//*{$  e   *$  s  } ~~*{$  d   }  ,*{$   }  2tgh%X-/L=a_r#f{\\//*{$   w }  {\\L8h=@*##@{$   \"}   W9Zw##@{$\"  (=NMpHySZ    ($\"  la'\"'\"''\"'\"'\"v\"'\"'\"''\"'\"''\"'\"'541\\'\"'\"'$  } \u0026;@0#*{$ '   \"${@}\" \"${@%%Ij\\[N   }\"    ${@~~  }   )\"  ${!*} |   $@  $'b\\u0061'''sh   ${*//J7\\{=.QH   }  \n\n[+] Payload size: 1232 characters\n```\n\nYou can copy the obfuscated payload to your clipboard with `--clip`, or write it to a file with `-o`.\n\nFor more advanced usage, use the `--choose-mutators` flag, and specify exactly what obfuscation modules, or Mutators, you want to use in what order. Use also the `-s` argument to control the level of obfuscation used.\n\n```bash\nbashfuscator -c \"cat /etc/passwd\" --choose-mutators token/special_char_only compress/bzip2 string/file_glob -s 1\n[+] Payload:\n\n\"${@#b }\"  \"e\"$'\\166'\"a\"\"${@}\"l \"$(  ${!@}m''$'k\\144'''ir -p '/tmp/wW'${*~~} ;$'\\x70'\"${@/AZ }\"rin\"\"tf  %s  'MxJDa0zkXG4CsclDKLmg9KW6vgcLDaMiJNkavKPNMxU0SJqlJfz5uqG4rOSimWr2A7L5pyqLPp5kGQZRdUE3xZNxAD4EN7HHDb44XmRpN2rHjdwxjotov9teuE8dAGxUAL'\u003e  '/tmp/wW/?\n??';  prin${@#K. }tf %s  'wYg0iUjRoaGhoNMgYgAJNKSp+lMGkx6pgCGRhDDRGMNDTQA0ABoAAZDQIkhCkyPNIm1DTQeppjRDTTQ8D9oqA/1A9DjGhOu1W7/t4J4Tt4fE5+isX29eKzeMb8pJsPya93'  \u003e  '/tmp/wW/???\n' \"${@,, }\"  \u0026\u0026${*}pri''\\n${*,}tf %s 'RELKWCoKqqFP5VElVS5qmdRJQelAziQTBBM99bliyhIQN8VyrjiIrkd2LFQIrwLY2E9ZmiSYqay6JNmzeWAklyhFuph1mXQry8maqHmtSAKnNr17wQlIXl/ioKq4hMlx76' \u003e'/tmp/wW/??\n\n';\"${@,  }\" $'\\x70'rintf  %s 'clDkczJBNsB1gAOsW2tAFoIhpWtL3K/n68vYs4Pt+tD6+2X4FILnaFw4xaWlbbaJBKjbGLouOj30tcP4cQ6vVTp0H697aeleLe4ebnG95jynuNZvbd1qiTBDwAPVLTtCLx' \u003e'/tmp/wW/?\n\n?' ;  ${*/~} p\"\"${@##vl  }ri\"\"n''tf %s  '  pr'\"'\"'i'\"'\"'$'\"'\"'n\\x74'\"'\"'f %s  \"$( prin${*//N/H  }tf  '\"'\"'QlpoOTFBWSZTWVyUng4AA3R/gH7z/+Bd/4AfwAAAD8AAAA9QA/7rm7NzircbE1wlCTBEamT1PKekxqYIA9TNQ' \u003e'/tmp/wW/????'  \"${@%\\`  }\"  ;p''r\"\"i$'\\x6e'''$'\\164'\"f\" %s 'puxuZjSK09iokSwsERuYmYxzhEOARc1UjcKZy3zsiCqG5AdYHeQACRPKqVPIqkxaQnt/RMmoLKqCiypS0FLaFtirJFqQtbJLUVFoB/qUmEWVKxVFBYjHZcIAYlVRbkgWjh'  \u003e'/tmp/wW/?\n\n\n'  ${*};\"p\"rin''$'\\x74f' %s  'Gs02t3sw+yFjnPjcXLJSI5XTnNzNMjJnSm0ChZQfSiFbxj6xzTfngZC4YbPvaCS3jMXvYinGLUWVfmuXtJXX3dpu379mvDn917Pg7PaoCJm2877OGzLn0y3FtndddpDohg'\u003e'/tmp/wW/?\n?\n' \u0026\u0026 \"${@^^ }\"  pr\"\"intf  %s  'Q+kXS+VgQ9OklAYb+q+GYQQzi4xQDlAGRJBCQbaTSi1cpkRmZlhSkDjcknJUADEBeXJAIFIyESJmDEwQExXjV4+vkDaHY/iGnNFBTYfo7kDJIucUES5mATqrAJ/KIyv1UV'\u003e '/tmp/wW/\n???'  ${*^}; ${!@}  \"${@%%I  }\"pri\"\"n$'\\x74f' %s '1w6xQDwURXSpvdUvYXckU4UJBclJ4OA'\"'\"'  |\"\"b${*/t/\\(  }a\\se$'\"'\"'6\\x34'\"'\"' -d| bu${*/\\]%}nzi'\"'\"'p'\"'\"'${!@}2  -c)\"  $@  |${@//Y^  } \\ba\\s\"h\"  ' \u003e  '/tmp/wW/\n??\n' ${@%b  } ;  pr\"i\"\\ntf  %s  'g8oZ91rJxesUWCIaWikkYQDim3Zw341vrli0kuGMuiZ2Q5IkkgyAAJFzgqiRWXergULhLMNTjchAQSXpRWQUgklCEQLxOyAMq71cGgKMzrWWKlrlllq1SXFNRqsRBZsKUE' \u003e  '/tmp/wW/??\n?'\"${@//Y  }\" ;$'c\\141t' '/tmp/wW'/????  ${*/m};\"${@,,  }\"  $'\\162'\\m '/tmp/wW'/????  \u0026\u0026${@^ }rmd\\ir  '/tmp/wW'; ${@^^  }   )\"  \"${@}\"  \n\n[+] Payload size: 2062 characters\n```\n\nFor more detailed usage and examples, please refer to the [documentation](https://bashfuscator.readthedocs.io/en/latest/Usage.html).\n\n## Extending the Framework\n\nAdding new obfuscation methods to the framework is simple, as Bashfuscator was built to be a modular and extendable framework. Bashfuscator's backend does all the heavy lifting so you can focus on writing robust obfuscation methods (documentation on adding modules coming soon).\n\n## Authors and Contributers\n\n- Andrew LeFevre ([capnspacehook](https://github.com/capnspacehook)): project lead and creator\n- Charity Barker ([cpbarker](https://github.com/cpbarker)): team member\n- Nathaniel Hatfield ([343iChurch](https://github.com/343iChurch)): writing the RotN Mutator\n- Elijah Barker ([elijah-barker](https://github.com/elijah-barker)): writing the Hex Hash, Folder and File Glob Mutators\n- Sam Kreischer: the awesome logo\n\n## Credits\n\n- [danielbohannon](https://github.com/danielbohannon), whose excellent [Invoke-Obfuscation](https://github.com/danielbohannon/Invoke-Obfuscation) and [Invoke-DOSfuscation](https://github.com/danielbohannon/Invoke-DOSfuscation) projects gave [capnspacehook](https://github.com/capnspacehook) the idea to start writing Bashfuscator, and insight on how to write robust obfuscation methods.\n- [DissectMalware](https://github.com/DissectMalware), whose tweets on Bash obfuscation formed the backbone of some Mutators, and provided ideas for other obfuscation techniques.\n- [ConsciousHacker](https://github.com/ConsciousHacker), whose insight and advice has helped the team greatly.\n- Bash logo was originally  from https://github.com/odb/official-bash-logo.\n\n## Disclaimer\n\nBashfuscator was created for educational purposes *only*, use only on computers or networks you have explicit permission to do so. The Bashfuscator team is not responsible for any illegal or malicious acts preformed with this project.\n","funding_links":[],"categories":["\u003ca id=\"9eee96404f868f372a6cbc6769ccb7f8\"\u003e\u003c/a\u003e新添加的","\u003ca id=\"783f861b9f822127dba99acb55687cbb\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"31185b925d5152c7469b963809ceb22d\"\u003e\u003c/a\u003e新添加的","\u003ca id=\"85bb0c28850ffa2b4fd44f70816db306\"\u003e\u003c/a\u003e混淆器\u0026\u0026Obfuscate"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbashfuscator%2Fbashfuscator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbashfuscator%2Fbashfuscator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbashfuscator%2Fbashfuscator/lists"}