Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
html-classes-obfuscator
Advanced tools
Sorry we don't scan binary artifacts yet
- Maintainers
- 1
👋 HTML-Classes-Obfuscator 🔒
CLI tool that obfuscates HTML classes:
Normal HTML file :
<div class="card w-50">
<div class="card-body">Hello World</div>
</div>
Obfuscated HTML file :
<div class="oywdon tgmvkg">
<div class=emnpzm>Hello World</div>
</div>
🚀 Usage
Via command line...
git clone git@github.com:xandermann/html-classes-obfuscator.git
cp html-classes-obfuscator/html_classes_obfuscator/html_classes_obfuscator.py ./YOUR_PROJECT
python3 html_classes_obfuscator.py --htmlpath="**/*.html" --csspath="**/*.css" --jspath="**/*.js"
...Or via a python script
# https://pypi.org/project/html-classes-obfuscator/
pip install html-classes-obfuscator
import glob
import random
import string
from html_classes_obfuscator import html_classes_obfuscator
# [...]
htmlfiles = glob.glob("./**/*.html", recursive=True)
cssfiles = glob.glob("./**/*.css", recursive=True)
jsfiles = glob.glob("./**/*.js", recursive=True)
print(htmlfiles)
print(cssfiles)
print(jsfiles)
# Generate random string
def generate_class(current_classes_list):
def random_class():
# Offers (26*2)^6 random class name possibilities
return ''.join(random.choice(string.ascii_letters) for i in range(6))
res = random_class()
while res in current_classes_list.values():
res = random_class()
return res
html_classes_obfuscator.html_classes_obfuscator(htmlfiles, cssfiles, jsfiles, generate_class)
⚠️️ Important notes
- Make a backup before use.
- DON'T use if you have duplicate class names in your css files.
- If you modify the class generator, be sure that the generated name doesn’t begin with a number:
In CSS, identifiers (including element names, classes, and IDs in selectors) can contain only the characters [a-zA-Z0-9] and ISO 10646 characters U+00A0 and higher, plus the hyphen (-) and the underscore (_); they cannot start with a digit, two hyphens, or a hyphen followed by a digit. Identifiers can also contain escaped characters and any ISO 10646 character as a numeric code (see next item). For instance, the identifier “B&W?” may be written as “B&W?” or “B\26 W\3F”. https://www.w3.org/TR/CSS21/syndata.html#characters
✅ Run tests
python3 -m unittest tests/*.py
🤝 Contributing
Contributions, issues and feature requests are welcome.
Feel free to check issues page if you want to contribute.
Check the contributing guide.
Keywords
FAQs
Obfuscate class names in HTML, CSS and Javascript files.
We found that html-classes-obfuscator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024