I decided to code and package my own, called bobskater. It turned out to be surprisingly easy with Python's
ast library, the invaluable documentation at GreenTreeSnakes, and a little library called
astunparse. Being completely AST based, it won't die on weird syntax or require special formatting. All obfuscation decisions are based on AST node type. There are a few limitations as of now but they're all documented in the repository.
There do exist a lot of libraries/techniques out there (free and pay) that perport to do this, with mixed results:
- Compile to
compile(). Even at the highest optimization you can still extract the original code, variable names, and docstrings with uncompyle6 in literally just one command.
- Encrypt your modules and hook the import functionality to decrypt them when loading them at runtime. Too simple to reverse in my opinion.