I am looking for the currently hardest-to-reverse JavaScript obfuscator. Bonus points if it can be run on one's own server. Performance hit and code bloat are fine.
It is not recommended to obfuscate vendor scripts and polyfills, since the obfuscated code is 15-80% slower (depends on options) and the files are significantly larger.
Deobfuscation techniques can be used to reverse engineer -- or undo -- obfuscation. These techniques include program slicing, which involves narrowing the program code to just the relevant statements at a particular point in the program.
Press F12 to open Developer Tools inside Chrome. Now switch to the Scripts tab, right-click and choose De-obfuscate source. That's it! Alternatively, go to jsbeautifier.org and copy-paste the cryptic JavaScript /HTML code that you are trying to understand.
Although obfuscation can make reading and reverse-engineering a program difficult and time-consuming, it doesn't make it impossible. It's important to keep in mind that while code obfuscation does a good job of obscuring source code, there's no obfuscator that guarantees maximum security.
Write it in Java, then run the bytecode in JavaScript with an obfuscated orto. That'll require two layers of decompilation in order to make any sense of it.
I'd be curious as to why you want to do this. Obfuscation offers no real protection. If you have something to protect, move it to the server-side, otherwise, why bother. If you're doing as you should and minifying/combining your JS that should be more than enough to scare away anyone not serious about knowing what your code is doing, and has performance benefits to boot. If they are serious, obfuscation isn't going to help you.
The JavaScript Code Encrypter And Obfuscator looked nice, until I actually tried to attack it. Took me about two minutes. The trivial solution:
for (i in window) { console.log(window[i]) }
That churned out a bunch of gibberish, but also the original code neatly boinked into one variable.
Note to self: Never, ever, ever, ever use anything you don't fully understand when it comes to security.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With