Network Config Anonymizer for AI: Paste Safely, Troubleshoot Faster
Sysadmins use AI assistants to debug routing issues, trace ACL mismatches, and untangle VPN configs. The workflow is fast — until you remember your config is full of credentials. ScrubForge removes secrets locally before the config leaves your machine.
What's Actually in Your Config
A typical running config contains far more sensitive data than most people stop to think about before pasting:
None of these need to reach an AI server for troubleshooting to work. The AI needs the structure of your config — interface names, subnets, routing protocols, ACL logic. Not the actual credentials.
How to Anonymize Before You Paste
Export your running config
Pull the config from your device. On Cisco IOS: show running-config. On FortiGate: System → Configuration → Download. Most vendors have a CLI export or web UI option.
Open ScrubForge in Chrome
Click the ScrubForge icon in your toolbar. It opens as a local panel — no upload, no external server, no account needed.
Paste your config and scrub
Paste the raw config into ScrubForge. It detects credential patterns and replaces each secret with a consistent placeholder token like SCRUBBED_SECRET_1.
Copy the sanitized output
Copy the scrubbed config. The full structure is intact — IP addresses, interface names, routing policies — but no live credential remains.
Paste into your AI assistant
Paste the sanitized config into ChatGPT, Claude, Copilot, a support ticket, or a Reddit post. The AI gets full context to troubleshoot without ever seeing real secrets.
Why Consistent Tokens Matter
ScrubForge uses the same token everywhere the same secret appeared. If SCRUBBED_PSK_1 appears in both the IKE proposal and the tunnel interface, the AI can still follow the relationship — it just cannot recover the actual value.
username admin secret 5 $1$abc$xyz123 snmp-server community publ1c RO crypto isakmp key S3cr3tK3y address 10.0.0.1
username admin secret 5 SCRUBBED_HASH_1 snmp-server community SCRUBBED_SNMP_1 RO crypto isakmp key SCRUBBED_KEY_1 address 10.0.0.1
The AI still sees the full config structure — interfaces, routing, ACLs, policy. It can identify misconfigurations, flag contradictions, and suggest fixes. It just cannot see the credentials themselves.
Anonymize configs. Keep credentials local.
ScrubForge is a free Chrome extension. Runs entirely in your browser — no upload, no account, no server.
Install ScrubForge →Frequently Asked Questions
No. ScrubForge runs entirely in your browser using local JavaScript. Your config never leaves your machine — not even to Wendygo Studio's servers.
Yes. Network issues — routing loops, ACL mismatches, VPN phase mismatches, VLAN misconfiguration — are almost never caused by the credential values themselves. The AI needs the structure of the config, not the secrets.
ScrubForge detects credential patterns in Cisco IOS/IOS-XE, FortiGate, Juniper JunOS, and generic text configs. Any file containing credential-like patterns (passwords, keys, secrets) gets sanitized.
Each secret is replaced with a consistent placeholder token — for example SCRUBBED_SECRET_1. The same token is used everywhere the same original value appeared, so cross-references in the config remain meaningful to the AI.