This wizard will guide you to create your own obfuscator configuration. It will help you configure obfuscation passes and steps.
It also will allow to fill your own random comments dictionary. It can help you fix any PHP entities names, if you need them to be present
in interfaces that your code exposes. You will be also able to set names of classes and interfaces that you use from external libraries or PHP extensions
(usually this is done automatically, but you can modify analysis results here). If you want more help,
analyze PHP files you are going to obfuscate now, before running the wizard!
Press the button to reset your wizard progress. Notice, that progress automatically resets when you analyze script(s).
Again, make sure you have already analyzed PHP files you are going to obfuscate.
Used built-in classes and interfaces (your list)
Add all built-in or library classes and interfaces that are used by your script(s)
and are not present in the lists below. Click any entered name to remove it from list.
Used built-in classes and interfaces (detected)
These are used by recently analyzed PHP scripts.
Guessed classes and interfaces (detected)
These are probably used by recently analyzed PHP scripts.
Now add names of your own classes and interfaces.
Most of them, if not all, should be already in the list below.
Own classes and interfaces (your list)
Own classes and interfaces (detected, all names lower-case)
These are created and used by recently analyzed PHP scripts.
Now you can fix different PHP entity names. This can be useful if you want your scripts to expose some public interfaces.
Also, you can use this feature to fix names of external PHP functions, classes, interfaces and their methods, that are not known by the obfuscator.
You can put any name in any section (not depending on if it was detected by obfuscator analysis module).
Class names
Interface names
Trait names
Class, interface, trait method names
Non-member function names
Class, trait member variable names
Non-member variable names
Class and trait constant names
Built-in constant names
List all built-in PHP constant names here, that you do not want to be resolved to their values. Note, that their names are case-sensetive.
Now select which dictionaries of random useless comments you are going to use when obfuscating.
Move to the next step, if you are not going to add random comments to your scripts.
You can also create your own dictionary.
Dictionary name:
Dictionary comments, each on own line:
Now you are going to configure obfuscator passes and steps.
Before you begin, you can choose a preset for steps and passes to avoid creating them from scratch.
You will be able to change any settings from preset in the next step.
Choose built-in profile preset:
Now you are going to configure obfuscator passes and steps.
Pass can contain any number of steps. The more steps (and even passes) you include to configuration,
the more difficult to understand and slower you script becomes. Passes will be executed one by one,
steps in each pass will be executed one by one too.
You can drag steps up and down to reorder them.
Select a step to get a description for it.
Even if your obfuscation passes does not contain any steps,
your scripts will be processed as follows:
Comments and unnecessary spaces will be removed.
All inline HTML, HEREDOC, NOWDOC will be transformed to echo's.
This step must be bound to Rename functions/traits/classes/interfaces step.
It allows to pre-process callbacks like: array_map(Array('my_function'), $arr); array_map(Array('MyClass', 'someFunction'), $arr); array_map(Array('MyClass::someFunction'), $arr); array_map(Array($obj, 'someFunction'), $arr);
This is needed to later correctly rename functions and classes which are used in callbacks.
Note, that only built-in functions can be recognized as those which accept callable arguments.
Not all built-in functions can be processed.
Built-in classes with methods which accept callables (except __construct) are not supported.
If you use callbacks with text names of classes or functions (not lambdas), you probably have to check all of them carefully
(or even replace with lambda functions).
Nevertheless, it is recommended to include this step in the very beginning of the first pass,
if you are going to rename functions or classes.
Adds useless random PHP code to your script(s) without changing script logic.
You can set your own useless code generator config, otherwise built-in one will be used.
Encodes all strings in the script using selected algorithm.
Encodes built-in and fixed function names using selected algorithm.
Encodes integers or floats using selected algorithm.
Can replace integers with random sequence of mathematical operations.
Changes integer base to decimal/hexadecimal/octal/binary or random.
Renames variables using selected algorithm.
Renames class constants using selected algorithm.
Renames functions, classes, traits and interfaces using selected algorithm.
You can choose what and how to rename.
Changes syntax of all or particular control flow structures to classic or alternative.
Replaces most global scope built-in constants to their actual values.
Replaces all global scope constants to constant() call.
This is useful in conjunction with string encoding step.
Shortens some insignificant syntax features (such as type hints),
can replace some PHP functions with shorter aliases.
Inserts useless comments from built-in or user dictionaries.
Adds random argument to the end of global and some class function declarations.
Encodes random or all characters of strings, transforming them into hexadecimal
or octal escape sequences.
Allows to add copyright to script.
You now can review you passes and steps configuration in a slightly different view.
If you want to reconfigure something, move to the previous step.
This is your final XML obfuscator configuration. You can copy it and save for later use.
Also, you can apply this configuration as current. To do this, press the button "Apply configuration".