# burrowers/garble **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/burrowers-garble).** 5,308 stars · 340 forks · Go · bsd-3-clause ## Links - GitHub: https://github.com/burrowers/garble - awesome-repositories: https://awesome-repositories.com/repository/burrowers-garble.md ## Topics `binary` `build` `code-obfuscator` `golang` `obfuscation` ## Description Garble is an obfuscation tool for Go binaries. It transforms compiled Go programs by hashing identifiers, package paths, and filenames into short, opaque strings, making reverse engineering more difficult. The tool produces reproducible results from identical source and a user-supplied seed, enabling verifiable builds. Obfuscation can be restricted to only those packages that match user-defined patterns, leaving other parts of the codebase untouched. Constant string literals in the binary are replaced with runtime-resolved expressions to hide their original content. The tool integrates directly into the Go build pipeline, automatically intercepting and modifying compilation and linking steps. It works by rewriting the Go AST at compile time, replacing identifiers and paths before the binary is produced. Build metadata such as debug position information, symbol tables, and unused symbols are stripped out, reducing binary size and removing clues for attackers. The obfuscation process is deterministic: given the same seed and source code, the output is identical across builds. Scope selection uses pattern matching to decide which packages to obfuscate, giving fine-grained control. ## Tags ### Security & Cryptography - [Go Binary Obfuscation](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-hardening-and-protection/code-obfuscators/obfuscating-compilers/go-binary-obfuscation.md) — Obfuscates Go binaries by hashing identifiers, package paths, and filenames. ([source](https://cdn.jsdelivr.net/gh/burrowers/garble@master/README.md)) - [Go Binary Obfuscators](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-hardening-and-protection/code-obfuscators/obfuscating-compilers/go-binary-obfuscators.md) — Transforms compiled Go binaries by hashing names and paths to hinder reverse engineering. - [Obfuscation Scope Filters](https://awesome-repositories.com/f/security-cryptography/code-obfuscation-protections/obfuscation-scope-filters.md) — Restricts obfuscation to packages matching user-defined pattern filters. ([source](https://cdn.jsdelivr.net/gh/burrowers/garble@master/README.md)) - [String Literal Obfuscation](https://awesome-repositories.com/f/security-cryptography/code-obfuscation-protections/string-literal-obfuscation.md) — Replaces constant strings with runtime-resolved values to hide their original contents. ([source](https://cdn.jsdelivr.net/gh/burrowers/garble@master/README.md)) ### Development Tools & Productivity - [Compile-Time Identifier Rewriting](https://awesome-repositories.com/f/development-tools-productivity/ast-transformation-tools/ast-to-source-conversion/source-code-rewriting/compile-time-identifier-rewriting.md) — Rewrites identifiers and package paths into short hashes during Go compilation. - [Binary Metadata Stripping](https://awesome-repositories.com/f/development-tools-productivity/debugging-profiling-testing/debugging-diagnostics/debugging-inspection-tools/debugging-and-inspection-tools/runtime-debugging/debug-symbol-stripping/binary-metadata-stripping.md) — Strips debug positions, symbol tables, and runtime metadata from compiled Go binaries. - [String Literal Obfuscation](https://awesome-repositories.com/f/development-tools-productivity/string-literal-handling/string-literal-obfuscation.md) — Hides constant string values in Go binaries by replacing them with runtime-resolved expressions. ### Software Engineering & Architecture - [Go](https://awesome-repositories.com/f/software-engineering-architecture/human-in-the-loop-workflows/build-pipeline-hooks/go.md) — Hooks into the Go build pipeline to intercept and modify compilation and linking steps. - [Deterministic Obfuscation Builds](https://awesome-repositories.com/f/software-engineering-architecture/reproducible-builds/deterministic-obfuscation-builds.md) — Produces identical obfuscated binaries from the same source and seed for verifiable builds. ([source](https://cdn.jsdelivr.net/gh/burrowers/garble@master/README.md)) ### Data & Databases - [Obfuscation Scope Filters](https://awesome-repositories.com/f/data-databases/data-query-filters/regex-filters/package-selection-filters/obfuscation-scope-filters.md) — Applies obfuscation only to Go packages matching user-defined filters. - [Seed-Driven Hashing](https://awesome-repositories.com/f/data-databases/hash-tables/custom-hashing-implementations/deterministic-hashing/seed-driven-hashing.md) — Uses a user-supplied seed to produce repeatable obfuscated output from identical inputs. ### DevOps & Infrastructure - [Obfuscation Scope Filters](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/environment-scoping-controls/dependency-scoping/package-scope-filtering/obfuscation-scope-filters.md) — Restricts obfuscation to packages matching user-defined name patterns. ### Game Development - [String Literal Decoding](https://awesome-repositories.com/f/game-development/source-to-runtime-asset-conversion/runtime-asset-decoding/string-literal-decoding.md) — Replaces constant strings with runtime-resolved expressions to hide their original content.