garble alternatives and similar packages
Based on the "Security" category.
Alternatively, view garble alternatives based on common mentions on social networks and blogs.
-
Lean and Mean Docker containers
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source) -
age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability. -
CertMagic
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal -
memguard
Secure software enclave for storage of sensitive information in memory. -
acmetool
:lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt) -
Themis by Cossack Labs
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms. -
acra
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL. -
Coraza
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library -
ToRat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication -
dongle
A simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption -
go-password-validator
Validate the Strength of a Password in Go -
firewalld-rest
A rest application to update firewalld rules on a linux server -
BadActor
BadActor.org An in-memory application driven jailer written in Go -
passlib
:key: Idiotproof golang password validation library inspired by Python's passlib -
simple-scrypt
A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go ๐ -
teler-waf
teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications. -
argon2pw
Argon2 password hashing package for go with constant time hash comparison -
goSecretBoxPassword
A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase. -
Credman
Simple and secure credential/password management with extra steps in Go! -
secureio
An easy-to-use XChaCha20-encryption wrapper for io.ReadWriteCloser (even lossy UDP) using ECDH key exchange algorithm, ED25519 signatures and Blake3+Poly1305 checksums/message-authentication for Go (golang). Also a multiplexer. -
goArgonPass
goArgonPass is a Argon2 Password utility package for Go using the crypto library package Argon2 designed to be compatible with Passlib for Python and Argon2 PHP. Argon2 was the winner of the most recent Password Hashing Competition. This is designed for use anywhere password hashing and verification might be needed and is intended to replace implementations using bcrypt or Scrypt. -
sslmgr
A layer of abstraction the around acme/autocert certificate manager (Golang) -
argon2-hashing
A light package for generating and comparing password hashing with argon2 in Go -
Go random string generator
Flexible and customizable random string generator
Access the most powerful time series database as a service
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of garble or a related project?
Popular Comparisons
README
garble
GO111MODULE=on go get mvdan.cc/garble
Obfuscate Go code by wrapping the Go toolchain. Requires Go 1.16 or later.
garble build [build flags] [packages]
See garble -h
for up to date usage information.
Purpose
Produce a binary that works as well as a regular build, but that has as little information about the original source code as possible.
The tool is designed to be:
- Coupled with
cmd/go
, to support modules and build caching - Deterministic and reproducible, given the same initial source code
- Reversible given the original source, to deobfuscate panic stack traces
Mechanism
The tool wraps calls to the Go compiler and linker to transform the Go build, in order to:
- Replace as many useful identifiers as possible with short base64 hashes
- Replace package paths with short base64 hashes
- Remove all build and module information
- Strip filenames and shuffle position information
- Strip debugging information and symbol tables
- Obfuscate literals, if the
-literals
flag is given - Remove extra information if the
-tiny
flag is given
Options
By default, the tool obfuscates the packages under the current module. If not
running in module mode, then only the main package is obfuscated. To specify
what packages to obfuscate, set GOPRIVATE
, documented at go help private
.
Note that commands like garble build
will use the go
version found in your
$PATH
. To use different versions of Go, you can
install them
and set up $PATH
with them. For example, for Go 1.16.1:
$ go get golang.org/dl/go1.16.1
$ go1.16.1 download
$ PATH=$(go1.16.1 env GOROOT)/bin:${PATH} garble build
You can also declare a function to make multiple uses simpler:
$ withgo() {
local gocmd=go${1}
shift
PATH=$(${gocmd} env GOROOT)/bin:${PATH} "[email protected]"
}
$ withgo 1.16.1 garble build
Caveats
Most of these can improve with time and effort. The purpose of this section is to document the current shortcomings of this tool.
Exported methods are never obfuscated at the moment, since they could be required by interfaces and reflection. This area is a work in progress.
Go plugins are not currently supported; see #87.
There are cases where garble is a little too agressive with obfuscation, this may lead to identifiers getting obfuscated which are needed for reflection, e.g. to parse JSON into a struct; see #162. To work around this you can pass a hint to garble, that an type is used for reflection via passing it to
reflect.TypeOf
orreflect.ValueOf
in the same file:// this is used for parsing json type Message struct { Command string Args string } // never obfuscate the Message type var _ = reflect.TypeOf(Message{})
Tiny Mode
When the -tiny
flag is passed, extra information is stripped from the resulting
Go binary. This includes line numbers, filenames, and code in the runtime that
prints panics, fatal errors, and trace/debug info. All in all this can make binaries
2-5% smaller in our testing.
Note: if -tiny
is passed, no panics, fatal errors will ever be printed, but they can
still be handled internally with recover
as normal. In addition, the GODEBUG
environmental variable will be ignored.
Contributing
We actively seek new contributors, if you would like to contribute to garble use the [CONTRIBUTING.md](CONTRIBUTING.md) as a starting point.