JavaScript Obfuscator

Protect your JavaScript source code with AST-level transforms. Everything runs in your browser your code never leaves your device.

Preset:
Input
0 chars 0 lines 0 B
Output
0 B

100% private

Your code never leaves your browser or saved on our server.

AST-level transforms

Powered by javascript-obfuscator, not regex hacks.

Load JS files

Drag & drop or click to open a .js file.

Frequently Asked Questions

It transforms your code into something functionally identical but extremely difficult to read. Techniques include: renaming all variables and functions to short meaningless identifiers, moving string literals into an encoded shuffled array, flattening control flow into a state-machine loop, and inserting bogus dead-code branches. The output runs exactly the same as the original.

Partially. A skilled developer with a deobfuscation tool or enough patience can recover the general logic. Obfuscation significantly raises the time and cost of reverse engineering, but it is not the same as encryption. Never store secrets like API keys, passwords, or tokens in client-side JavaScript regardless of obfuscation.

Not if your code follows standard patterns. Things that can cause issues: heavy use of eval(), relying on Function.name or Function.toString() at runtime, frameworks with string-based dependency injection like AngularJS 1.x, and dynamically constructed property names.

Yes, typically 50 to 200 percent slower depending on the options chosen. Control flow flattening has the biggest performance impact. For typical web pages this is imperceptible to users. For tight loops in performance-critical code, benchmark carefully after obfuscating.

No. Obfuscation runs entirely in your browser using the javascript-obfuscator library. Your code never leaves your device.