Secure Node.js scripts with in memory decryption and two factor authentication
I am not responsible for your actions. Use at your own discretion.
- Randomly generated 32 character password
- Uses AES-256-CBC encryption
- Uses Scrypt to derive encryption key (Protects against bruteforce attacks)
- OTP support for two factor authentication (OTP Secret is encrypted)
- Calls garbage collector to clear memory after decryption (Protects against memory dump attacks)
- Works with Vercel's pkg to compile into executable (Use
--options expose_gcwhen building)
- Securely distribute Node.js scripts
- Protect scripts from unauthorized execution
- Protect script source code
- All local imports are localized (Disabled due to bugs)
- Implement OTP if enabled (
--otpflag)- Generate OTP secret
- Generate OTP code and wrap original code (OTP code & secret is encrypted)
- Generate random password
- Derive encryption key using Scrypt
- Encrypt code using AES-256-CBC
- Generate final code with decryption methods
- Write final code to output file
Check out the example in the example folder
node cypher --input <file> --output <file> --otp
- OTP code can be generated in your browser using https://totp.danhersam.com/
You must use --expose_gc option when executing the output script
node --expose_gc <file>
You must localize your imports manually for the moment
Original
const lib = require('./lib/test')
lib()Localized
const lib = (module.exports = () => console.log('test'))
lib()pkg <file> --options expose_gc
- Automatic compiler
- Randomize function names
- Add second layer of encryption using OTP