Kindi secureSWF
Enter your name and email below and the download link will be sent to you.

All submitted information is kept in the strictest confidence. Privacy Policy

For Windows, Mac, and Linux!

Cross Platform

ActionScript Obfuscator

Flash ActionScript is easy to decompile. More than 22 Flash decompilers exist today that attackers can use to view your ActionScript source code. This is not in any way a flaw in Flash; it is simply a reality of intermediate-compiled languages. Java and .NET applications suffer from the same exact problem. Being much higher-level than binary machine code, the ActionScript byte-code is full of identifiers and information that makes it easy to decompile.

Protect Your ActionScript

The goal of an obfuscator is to make decompilation extremely time consuming and painful so that it is not worth the effort. The goal is to stop all casual hackers and as many serious hackers as possible.

An ActionScript obfuscator removes the context from the byte-code that decompilers would use to generate human-readable ActionScript source code. The trick is to remove this context from evil intentions while retaining complete execution integrity with the original program. secureSWF accomplishes this completely - your Flash application will produce the same results as it did before obfuscation but the code is more difficult to decompile.

How secureSWF's ActionScript Obfuscation Works?

ActionScript obfuscation does not do any tricks or hacks on Flash decompilers that exploits their flaws to make them crash. It simply removes the information they use to generate readable and useful ActionScript code. secureSWF renames identifiers into meaningless and confusing names, removes frame labels and changes their references into indices, and removes metadata when possible.

This process can not be reversed in any way. The original identifiers' names, frame labels, and metadata no longer exist in the obfuscated ActionScript. Here is an example:

Before ActionScript Obfuscation

package com.fgg.Mines {
  import flash.display.*;

  public class Face extends MovieClip {

      public var win:MovieClip;
      private var _status:int;// = 0

      public static const START:int = 1;
      public static const WIN:int = 4;

      public function Face(){
          _status = START;
          addFrameScript(0, frame1);
      public function winner():void{
          _status = WIN;
      public function start():void{
          _status = START;
      public function get Status(){
          return (_status);
      function frame1(){

}//package com.fgg.Mines 

After ActionScript Obfuscation

package 2 {
  import flash.display.*;

  public class 6 extends MovieClip {
      public var  :MovieClip;
      private var ]:int;// = 0

      public static const 5:int = 1;
      public static const -:int = 4;

      public function 6(){
          ] = 1;
          addFrameScript(0, ();
      public function $():void{
          ] = 4;
      public function 4():void{
          ] = 1;
      public function get )(){
          return (]);
      function ((){

}//package 2 

The Information secureSWF Removes

secureSWF renames (or completely removes) everything you have assigned a name to while designing or developing your Flash application. There is no obfuscator (whether it is for Flash or something else) exists today that can remove that much of information. secureSWF renames or completely removes the following for ActionScript 1, 2, or 3:

  • Package names
  • Class names
  • Methods (getters and setters)
  • Variables
  • Dynamic Variables (even the ones done by AS2 eval)
  • Methods Parameters Names
  • Frame Labels
  • Symbol Instance Names
  • Button Names
  • Textfield Names
  • Edit Textfield Variable Names
  • SWF Metadata
  • ActionScript 3 Metadata
  • Debug filenames and line numbers


Our Users' Say: