F.A.Q - Python Script Obfuscation (Obfuscate, Protect Python Script Source Code)
- Online Submissions
- This is an ideal option if you wish to simply upload your python scripts to the enscrypt.io web interface. With this option, you can submit up to the number of unique scripts allowed under the plan you purchased.
- OnPrem Licenses
- This option allows for the usage of the python script Obfuscator on your own private hosts. No need to upload any script to our web portal.
- This is a great option for users who do NOT wish to externally upload scripts they believe to be extremely sensitive. It is also the ideal choice for businesses with a large, increasing number of python scripts to obfuscate.
- You will be permitted to use the AtShai Python Obfuscator for as long as the license period is valid. And yes, there is currently NO limit to the number of scripts you can obfuscate using the OnPrem license.
While this has a modicum of truth to it, the reality is, no matter how smart the "hacker" is, no matter how much time they have on their hands, there is only a finite number of tactics they can employ to try to hack an obfuscated script, especially one like ours, equipped with dynamic intelligence.
So long as it remains true that there is only a limited number of ways to hack a script, our obfuscation will always prevail. We can always develop counter measures to counteract whatever loopholes a persistent hacker is able to discover. That is what we do. That is precisely what we specialize in and we have spent years perfecting the many different methodologies used in our obfuscation process.
Experience has taught us that source code security is an absolute must. It is important you, as a company or developer remain informed on where your code is being used and how it is being used. Not only will this provide you with insights on how to make your software more useful to your users, it'll also reveal the identity of any nefarious entity seeking to gain unauthorized access to your intellectual property and the frequency of such misbehaviors.
In the context of protecting source code, a python obfuscator is a tool designed to convert plain text python code into an unreadable text which still qualifies as a runnable, functioning python script.
In other words, a python obfuscator is generally used to accomplish one or more of the following goals:
- Prevent modifications to commercial python scripts - Ensure no one, regardless of privilege, is allowed to make changes to an obfuscated code
- Retain the ability to sell or share python scripts without the crippling fear of your intellectual property falling into the wrong hands
- Gathering usage metrics on sensitive python code once it is shared with the external/outside world
- Regulate how long commercial python scripts can be used - Define and enforce date locks or expiration dates
- Moderate the list of users who are authorized to run protected python scripts
- Regulate where (on which systems) specific obfuscated python scripts can be utilized
- Safeguard highly confidential credentials stored within python scripts
- It has either expired or had its name changed to a name different from the name given to it during obfuscation.
- Once a python script is obfuscated, you cannot rename the obfuscated version. If you do, it will not function.
- Once a obfuscated python script expires, to regain the functionaility it provides, you must re-obfuscate it and be mindful of the expiration date.
- We are quite aware that our obfuscation methodology is unique and there is absolutely nothing like it anywhere else on the internet. For this reason, there will be many hackers who will try to break it apart in an effort to replicate it or for some other nefarious reason.
- To successfully combat this, a series of sensitivity checks are included in all AtShai.com protected scripts. What that means is, whenever our obfuscation mechanism detects that a user is performing hack attacks on an obfuscated script, we will automatically cause the script to self destruct.
- The name of the interpreted language your script is written in
- A sample code written in this interpreted language
- How you normally go about running the script
- The OS(es) you intend to run the obfuscated scripts on
- Date Management - Assign expiration dates to your .py python scripts
- License Management - Regulate the redistribution of all scripts
- User Management - Restrict usage of your python scripts to specific Users
- Host Management - Restrict usage of your scripts to specific Hosts and Servers
- Duplication Prevention - Prevent multiple copies of your scripts, Safeguard the name given at the time of obfuscation.
- Instance Management - Restrict simultaneous or multiple running instances of your scripts
- Tamper Resistance - Auto self-destructs whenever a user tries to figure out how it works
a) Ensures an obfuscated script does not function if it detects that a necessary tool on the system has been altered
Some users may build a modified version of a binary and then try to use that version to investigate our obfuscation/obfuscation algorithm.
- The tamper resistance feature will detect this and will stop the script from working!
b) Ensures that a protected script never works if the user is doing anything other than running it.
- We monitor for this and we block them at every turn.
- There are many interesting ways users can attempt to break a protected script.
c) Ensures it is impossible for any user to modify a protected script
- Some users have nefarious intentions when they purchase online software. Upon purchasing a software, these users typically request a refund immediately after. And after the refund is given, they continue to use the software.
- AtShai.com puts an end to this. Our customers have the option to make their script require internet connectivity.
- If a customer opts to make her script require internet connection, then users of the script will NOT be able to run it if they're not connected to the internet.
- Report Generator - A dashboard that details the frequency of attacks on your obfuscated code
- Visualize historical data on habitual offenders.
- This provides script owners control of their commercial scripts in case a user misbehaves.
a). Know when attempts are made to hack your obfuscated python scripts
- If you are actually able to successfully unlock any of our obfuscated scripts in under 60 days.
- Under this scenario, to qualify for the refund, we'll need to see proof.
- This option will allow you to upload python scripts of all types to our web interface for immediate obfuscation
- This option will enable you to avoid having to submit extremely sensitive scripts to our website
It allows you to obfuscate as many scripts as you need, right from your own private host.
Online Solution (Basic)
Developers / Engineers
- Online access to the AtShai Python Obfuscator
- Upload the list of .py scripts you wish to obfuscate
- Resubmit the same scripts as many times as needed
- Licensed copy of the AtShai Python Obfuscator.
- Designed for use on private hosts / servers.
- Command-line friendly - Just feed it a script/dir
- Easy integration with CI/CD pipelines
- Designed specifically for clients who do not wish to externally upload extremely sensitive scripts
We provide custom options for clients with specific requirements. If either of the following applies to you, let us know.
- Your preferred programming language is not listed
- You require custom modifications to the Obfuscator (modifications unique to your company)