woodpecker-appstore/ghost-bits-encoder — explained in plain English
Analysis updated 2026-05-18
Test whether a web application's input filters can be bypassed using Unicode obfuscation
Generate JSON-safe or URL-safe obfuscated payloads for security testing
Test CRLF injection handling in an application using the CRLF injection encoder
| woodpecker-appstore/ghost-bits-encoder | chrisjenx/androidtimelock | zerozshare/openfriendmod | |
|---|---|---|---|
| Stars | 27 | 28 | 29 |
| Language | Java | Java | Java |
| Last pushed | — | 2012-11-19 | — |
| Maintenance | — | Dormant | — |
| Setup difficulty | moderate | easy | easy |
| Complexity | 2/5 | 2/5 | 2/5 |
| Audience | developer | developer | general |
Figures from each repo's GitHub metadata at analysis time.
Requires an existing Woodpecker installation and building the plugin with Maven before copying it into the plugin directory.
This is a plugin for Woodpecker, a security testing tool, focused on encoding and decoding text in unusual ways, specifically using a technique called "Ghost Bits," which hides information by mapping regular text characters into less common Unicode symbols. Unicode is the global standard for representing text characters from all the world's writing systems. The plugin registers 11 functions inside Woodpecker's interface. The basic encode tab takes any text you enter and generates five random variations of it using characters from different Unicode blocks (such as Arabic, Thai, mathematical symbols, and others), each of which looks different but decodes back to the original. The decode function reverses this. Beyond that, it offers specialized encoding variants useful in security testing: JSON-aware encoders that preserve the structure of a JSON object while obfuscating the string values inside it, URL encoders that produce web-address-safe encoded variants in different formats, a Base64 Ghost encoder that encodes text to Base64 and then applies Ghost encoding on top, a CRLF injection encoder (CRLF refers to special line-break characters sometimes exploitable in web vulnerabilities), and a BCEL encoder for a Java bytecode format. The project is written in Java and built using Maven, a standard Java build tool. It is designed to be copied into Woodpecker's plugin directory so the tool can load it automatically on startup.
A Woodpecker security-testing plugin that encodes text into unusual Unicode variants to help test for filter bypass and obfuscation issues.
Mainly Java. The stack also includes Java, Maven.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.