One endpoint. Any language.
Send a multipart ZIP, receive a sealed ZIP. Wire Just Obfuscate into anything that speaks HTTP — CI runners, GitHub Actions, your own backend, or a shell script.
/api/public/obfuscatemultipart/form-data in · application/zip out. Max 50 MB per request.
curl
One-liner that POSTs your ZIP and writes the sealed copy.
curl -X POST https://just-obfuscate.app/api/public/obfuscate \
-F file=@./my-project.zip \
-F profile=maximum \
-F superSafe=true \
-F stripConsole=false \
-F encryptStrings=false \
-o sealed.zipNode · fetch
Works in Node 18+. No SDK needed.
const fs = require("node:fs");
const form = new FormData();
form.append("file", new Blob([fs.readFileSync("project.zip")]), "project.zip");
form.append("profile", "maximum");
const res = await fetch("https://just-obfuscate.app/api/public/obfuscate", { method: "POST", body: form });
fs.writeFileSync("sealed.zip", Buffer.from(await res.arrayBuffer()));Python · requests
Drop-in for any Python service or build script.
import requests
with open("project.zip", "rb") as f:
r = requests.post(
"https://just-obfuscate.app/api/public/obfuscate",
files={"file": ("project.zip", f, "application/zip")},
data={"profile": "maximum", "stripConsole": "true"},
)
open("sealed.zip", "wb").write(r.content)
print(r.headers.get("x-files-obfuscated"), "files sealed")Form fields
| Field | Description |
|---|---|
| file | (required) The .zip file. Max 50 MB. |
| profile | light | standard | maximum |
| superSafe | true | false (default: true) |
| stripConsole | true | false |
| encryptStrings | true | false |
| includeSkipped | true | false |
| injectHeader | true | false |
| headerText | License header text |
Response headers
- x-files-total — total files in the archive
- x-files-obfuscated — number actually transformed
- x-duration-ms — server processing time
/api/public/decodeUniversal multi-language deobfuscator. Iteratively strips up to 24 layers (base64 / hex / rot13 / reverse / eval(atob)) and returns the decoded source plus a language-aware beautified version. Max 5 MB per request.
curl — decode
JSON in, JSON out (decoded + beautified + layers).
curl -X POST https://just-obfuscate.app/api/public/decode \
-H "content-type: application/json" \
-d '{"code":"ZXZhbCgnYWxlcnQoMSknKQ==","format":"js-like"}'Node · fetch — decode
const fs = require("node:fs");
const code = fs.readFileSync("encoded.txt", "utf8");
const res = await fetch("https://just-obfuscate.app/api/public/decode", {
method: "POST",
headers: { "content-type": "application/json" },
body: JSON.stringify({ code, format: "auto" }),
});
const { decoded, beautified, layers } = await res.json();
console.log("layers stripped:", layers);
fs.writeFileSync("decoded.js", beautified);Python · requests — decode
import requests, json
with open("encoded.txt", "r") as f:
code = f.read()
r = requests.post(
"https://just-obfuscate.app/api/public/decode",
json={"code": code, "format": "auto"},
)
data = r.json()
print("layers:", data["layers"])
print("language:", data["detectedLabel"])
open("decoded.js", "w").write(data["beautified"])Decode — request fields
| Field | Description |
|---|---|
| code | (required) The encoded payload — string. |
| format | auto · js-like · py-like · shell · c-like · markup · css-like · sql · config · lisp · ml-like · prose · generic |
Accepts application/json, multipart/form-data, or raw text/plain body. Response is JSON with decoded, beautified, layers[], detectedLanguage, bytesIn, bytesOut.