rust_code_obfuscator 0.2.8

A Rust library to easily obfuscate strings and control-flow using cryptify lib
Documentation

🦀 rustfuscator

crates.io Contributing Whitepaper Obfuscation Guide

Obfuscation-first CLI and library for Rust.
Protect your source code from reverse engineering by encrypting string literals, injecting opaque control-flow, and rewriting AST logic — with full automation CLI, macros or a derive.

Features

  • Full CLI: obfuscate files, folders, or full Cargo projects
  • Configurable via .obfuscate.toml
  • Output formatting (--format)
  • No runtime dependency or unpacking
  • Obfuscate string literals at compile-time (obfuscate_string!)
  • Insert control-flow breaking statements (obfuscate_flow!)
  • Derive macro for struct encryption (#[derive(Obfuscate)])

How Obfuscation Works

The rustfuscator CLI does not obfuscate your compiled binary directly.

Instead, it rewrites your Rust source code to wrap strings and logic in macros like obfuscate_string!() and obfuscate_flow!(). These macros perform real obfuscation by:

Encrypting values at compile-time using the cryptify crate. Embedding encrypted data into the binary instead of plaintext. Generating runtime decryption logic, so your binary still works as expected. This approach is:

Fully integrated with the Rust compiler Transparent to your runtime logic Compatible with all platforms supported by Rust

➡️ Important: After using the CLI, you still need to build your code with cargo build to produce the final obfuscated binary.

If you have time read --> Obfuscation Guide :)

Installation

Once published:

cargo install rustfuscator

Or clone and build:

git clone https://github.com/GianIac/rustfuscator

cd rustfuscator

cargo install --path obfuscator_cli

Command-Line Interface

The CLI is the most powerful part of rustfuscator. You can obfuscate anything from a single file to a full Rust project.

Obfuscate a single file

obfuscator_cli --input ./src/main.rs --output ./obf

Obfuscate a full source folder

obfuscator_cli --input ./src --output ./obf_src

Obfuscate an entire Cargo project

obfuscator_cli \ --input ./my_project \ --output ./my_project_obf \ --as-project \ --format

Automatically:

  • Copies your project structure
  • Patches Cargo.toml
  • Applies macro-based obfuscation
  • Optionally formats the output

Configuration with .obfuscate.toml

Generate a default config:

obfuscator_cli --input ./my_project --init

Example file:

The .obfuscate.toml file controls what parts of your code get obfuscated and how.
This file is especially useful when obfuscating full projects.

Library Usage

Add to your Cargo.toml:

[dependencies] --> rust_code_obfuscator = "0.2.8" cryptify = "3.1.1"

Use it:

Derive Struct Encryption

Project Layout

Disclaimer

Obfuscation does not guarantee complete protection. It significantly increases the complexity of reverse engineering, but should be combined with:

  • Binary stripping
  • Anti-debugging
  • Compiler flags
  • Other hardening strategies
For stronger binary protection, consider compiling with:

RUSTFLAGS="-C strip=debuginfo -C opt-level=z -C panic=abort" cargo build --release

Author Note

Commits signed by user <user@local> are authored by me (GianIac). This is due to a local Git config and will be corrected going forward.

License

MIT License © 2025 Gianfranco Iaculo