This wizard will guide you to create your own obfuscator configuration. It will help you configure obfuscation passes and steps.
It also will allow to fill your own random comments dictionary. It can help you fix any PHP entities names, if you need them to be present
in interfaces that your code exposes. You will be also able to set names of classes and interfaces that you use from external libraries or PHP extensions
(usually this is done automatically, but you can modify analysis results here). If you want more help,
analyze PHP files you are going to obfuscate now, before running the wizard!
Press the button to reset your wizard progress. Notice, that progress automatically resets when you analyze script(s).
Again, make sure you have already analyzed PHP files you are going to obfuscate.
Used built-in classes and interfaces (your list)
Add all built-in or library classes and interfaces that are used by your script(s)
and are not present in the lists below. Click any entered name to remove it from list. All names in this list will remain unchanged after obfuscation,
as they are imported from external libraries or extensions (or they are included in PHP). All such classes should be already listed below. If any analyzed file lacks some class name, add this name manually.
Used built-in classes and interfaces (detected)
These names are explicitly or implicitly used by recently analyzed PHP scripts.
Guessed classes and interfaces (detected)
These are probably used by recently analyzed PHP scripts. These names will remain unchanged, too.
Now add names of your own classes and interfaces.
Most of them, if not all, should be already in the list below. As for built-in classes, all user classes should be already listed below. If any analyzed file lacks some class name, add this name manually.
Own classes and interfaces (your list)
Own classes and interfaces (detected, all names lower-case)
These are created and used by recently analyzed PHP scripts.
Now you can fix different PHP entity names. This can be useful if you want your scripts to expose some public interfaces.
Also, you can use this feature to fix names of external PHP functions, classes, interfaces and their methods, that are not known by the obfuscator.
You can put any name in any section (not depending on if it was detected by obfuscator analysis module).
You can also press the button below ("Prepare environment") to fix all PHP entity names that have been detected during analysis.
This can be useful if you are going to obfuscate PHP code that should work in some environment (i.e. you are developing a
plugin for phpBB, or you want to obfuscate a PHP file that requires Smarty). Thus, you should first analyze environment files
(phpBB or Smarty files, for example), then press "Prepare environment" button and close the profile wizard, then analyze your own PHP scripts and create new obfuscation
profile (based on your environment) for them using profile wizard and pressing the button "Restore environment". As a result, you will get a new obfuscation profile with desired steps and passes and which
also has all environment PHP entity names fixed.
Class, interface, trait method names
Non-member function names
List all namespace names parts, that you do not want to be renames. E.g., for namespace \Test\Ns specify strings Test and Ns.
Class, trait member variable names
Non-member variable names
Class and trait constant names
Built-in constant names
List all built-in PHP constant names here, that you do not want to be resolved to their values. Note, that their names are case-sensitive.
Now select which dictionaries of random useless comments you are going to use when obfuscating.
Move to the next step, if you are not going to add random comments to your scripts.
You can also create your own dictionary.
Dictionary comments, each on own line:
Now you are going to configure obfuscator passes and steps.
Before you begin, you can choose a preset for steps and passes to avoid creating them from scratch.
You will be able to change any settings from preset in the next step.
Choose built-in profile preset:
Now you are going to configure obfuscator passes and steps.
Pass can contain any number of steps. The more steps (and even passes) you include to configuration,
the more difficult to understand and slower you script becomes. Passes will be executed one by one,
steps in each pass will be executed one by one too.
You can drag steps up and down to reorder them.
Select a step to get a description for it.
Even if your obfuscation passes does not contain any steps,
your scripts will be processed as follows:
Comments and unnecessary spaces will be removed.
All inline HTML, HEREDOC, NOWDOC will be transformed to echo's.
This step must be bound to Rename functions/traits/classes/interfaces step.
It allows to pre-process callbacks like these (including also some callback forms with namespaces): array_map(Array('my_function'), $arr); array_map(Array('MyClass', 'someFunction'), $arr); array_map(Array('MyClass::someFunction'), $arr); array_map(Array($obj, 'someFunction'), $arr); array_map(Array($obj, 'MyParentClass::someFunction'), $arr); array_map(Array($obj, 'parent::someFunction'), $arr); array_map(Array($obj, 'self::someFunction'), $arr); array_map(Array($obj, 'static::someFunction'), $arr);
This is needed to later correctly rename functions and classes which are used in callbacks.
Note, that only built-in functions can be recognized as those which accept callable arguments.
Not all built-in functions can be processed.
Built-in classes with methods which accept callables (except __construct) are not supported.
If you use callbacks with text names of classes or functions (not lambdas), you probably have to check all of them carefully
(or even replace with lambda functions).
Nevertheless, it is recommended to include this step in the very beginning of the first pass,
if you are going to rename functions or classes.
Adds useless random PHP code to your script(s) without changing script logic.
You can set your own useless code generator config, otherwise built-in one will be used.
Encodes all strings in the script using selected algorithm.
Encodes built-in and fixed function names using selected algorithm.
Encodes integers or floats using selected algorithm.
Can replace integers with random sequence of mathematical operations.
Changes integer base to decimal/hexadecimal/octal/binary or random.
Renames variables using selected algorithm.
Renames class constants using selected algorithm.
Renames functions, classes, traits and interfaces using selected algorithm.
You can choose what and how to rename.
Renames namespaces, dividing their names into parts, using selected algorithm.
Changes syntax of all or particular control flow structures to classic or alternative.
Replaces most global scope built-in constants to their actual values.
Replaces all global scope constants to constant() call.
This is useful in conjunction with string encoding step.
Shortens some insignificant syntax features (such as type hints),
can replace some PHP functions with shorter aliases.
Inserts useless comments from built-in or user dictionaries.