TypeScript icon, indicating that this package has built-in type declarations

1.0.0 • Public • Published


npm package npm bundle size NPM GitHub last commit Code Style Prettier Test Status

Obfuscate email addresses and other personal data, so bots can't scrape them.

Some personal information like email addresses or phone numbers, should never appear in plain text in your website's source code, so bots can't scrape them. Otherwise your contact information is in danger of being the target of spam mails or sms. This is where botex comes in. Using its CLI, the botex webapp, or using the library server side, you can hide your personal contact info from bots. Usually, this is done by base64 encoding the email or tel strings and only decoding them when a user clicks on a mailto link for example. But scraping bots have improved and can nowadays automatically decipher base64 or other simple ciphers, such as cesar ciphers. botex obfuscates personal information by using a key - that can be any string - to scramble the input. Doing that, it makes it much harder for bots to deobfuscate the data, as they'd first need to find out that you're using botex and then not only find the encoded information, but also the key for it. Specialized bots would first have to be developed to do this, which is hopefully to much of a hassle for hackers to be done.

botex tries to be a compromise between being secure (it's not securely encrypting anything, but hopefully annoying bots enough to give up) and being simple (the functions are straight forward and the lib much smaller than 1kb). Just be aware, that you're not perfectly protected just because your using botex, but you're certainly better off than using base64.

Now you might ask, how to put your email address on your webpage for everyone to see, without actually having it in your source code... For that I recommend creating an SVG image from your email address with a tool, such as Google Font to Svg Path. When that SVG is clicked you can open a mailto link, that you decrypt using botex. Some people encode email addresses as HTML entities or put them on the page in reverse character order and flip them again using CSS, but I suspect that bots have by now gotten the hang of that, too.

One note on the opening of mailto links on click though... I don't know about you, but I hate when a page is doing that... I much prefer having two icons either next to the email, or appearing as a popup on hover or on click, that let you select to either open the mailto link or to copy the mail to the clipboard. Checkout this example for selectively copying the mail or opening it.


import { scramble, unscramble } from "botex";

const key = "abc123xyz";
const mail = "";
const obfuscatedMail = scramble(mail, key);
// -> some gibberish bots hopefully can't read...

// ...

const key = "abc123xyz";
const scrambledMail = "Aasd123Bsdf..."; // Some gibberish...
const mailtoLink = document.querySelector("#mail-link");

mailtoLink.onclick = () => {
	// Get back the original data
	const originalMail = unscramble(scrambledMail, key);
	location.href = `mailto:${originalMail}`;


botex comes with a cli that helps you to obfuscate information and to create keys, so you can just copy them into your project.

$ botex --help

Usage: botex [options] [command]

  -v, --version                 output the version number
  -h, --help                    display help for command

  scramble [options] <input>    Obfuscate the input string, so that bots (hopefully) can't read it (default command)
  unscramble [options] <input>  Deobfuscate a scrambled string to retrieve the original data
  help [command]                display help for command
$ botex scramble --help

Usage: botex scramble [options] <input>

Obfuscate the input string, so that bots (hopefully) can't read it (default command)

  -k, --key <key>            The key used to obfuscate the input. This can be any string
  -a, --auto-key             If present, botex will auto generate a key for you (default: false)
  -b, --alphabet <alphabet>  The set of characters botex should use to generate a key (default:
  -l, --key-length <length>  The length of the generated key (default: "16")
  -s, --code-snippet         Print a JS code snippet using the created values (default: false)
  -h, --help                 display help for command
$ botex unscramble --help

Usage: botex unscramble [options] <input>

Deobfuscate a scrambled string to retrieve the original data

  -k, --key <key>  The key used to obfuscate the input
  -h, --help       display help for command



Package Sidebar


npm i botex

Weekly Downloads






Unpacked Size

82.8 kB

Total Files


Last publish


  • mefechoel