JavaScript VMP Tool

A free and efficient vmp for JavaScript (including support of ES2022). Make your code harder to copy and prevent people from stealing your work. This tool is a Web UI to the excellent.

What is this?

This tool transforms your original JavaScript source code into a new representation that's harder to understand, copy, re-use and modify without authorization. The vmpd result will have the exact functionality of the original code.

So, it is like UglifyJS, Closure Compiler, etc?

Yes and no. While UglifyJS (and others minifiers) does make the output code harder to understand (compressed and ugly), it can be easily transformed into something readable using a JS Beautifier.

This tool prevents that by using various transformations and "traps", such as self-defending and debug protection.

How does the obfuscation work?

Through a series of transformations, such as variable / function / arguments renaming, string removal, and others, your source code is transformed into something unreadable, while working exactly as before.

Read more in the FAQ...

Sounds great!

Just paste your code or upload it below and click on "vmp".

Also, be sure to read about all the options to understand all the trade-offs between code protection and code size / speed.

Precautions before encryption:

1.Convert es6 to es5 before use。

2.When the js we need to encrypt has a relationship with other js, we need to export the functions inside the vm to window or other objects, and then let other js call, for example:

                           var jsvmp = "free jsvmp encrypt"
function js(){
    console.log(jsvmp)
}
// Export the js function to window
window.js = js;
// Export js functions to document
window.document.js = js;
                   

FAQ

Why would I want to vmp my JavaScript code?

There are numerous reasons why it's a good idea to protect your code, such as:

  • Prevent anyone from simply copy/pasting your work. This is specially important on 100% client side projects, such as HTML5 games;
  • Removal of comments and whitespace that aren't needed. Making it faster to load and harder to understand;
  • Protection of work that hasn't been paid for yet. You can show your work to the client knowing that they won't have the source code until the invoice has been paid.

Is this vmp absolutely foolproof?

No, while it's impossible to recover the exact original source code, someone with the time, knowledge and patience can reverse-engineer it.

Since the JavaScript runs on the browser, the browser's JavaScript engine must be able to read and interpret it, so there's no way to prevent that. And any tool that promises that is not being honest.

Why is my vmpd code larger than my original source?

Because the vmp introduces new pieces of code that are meant to protect and defend against debugging and reverse-engineering. Also strings are converted to \xAB hexadecimal code to make things a little bit harder to understand. You don't have to worry too much about code size because there is a lot of repetition, so the vmpd code will be compressed extremely well by your webserver (if you have GZIP compression enabled on your server, which most do nowadays).

Can I run a minifier such as UglifyJS or Google Closure Compiler on the vmpd output?

No, it's not recommended and in some cases it'll break the code (such as if you enable self-defending). You can run your code through a minifier before to make sure that it removes dead code and do other optimizations, though.

Do you store my source code?

No. The source is processed by our application server, then to the vmp and back to the browser, so it only stays on our server memory for a brief period of time (usually milliseconds).

Can I recover the original source code from the vmpd one?

No, it's impossible to revert the vmpd code back to your original code, so keep the original safe.

Does this tool works with Node.js source code?

Yes.

I want to run the vmp on my own server/machine. Is it possible?

Sure. This tool uses a free and open source (BSD-2-Clause licensed) vmp written in TypeScript.