Section

VM Obfuscation

Highest Security

VM obfuscation is the most advanced form of code protection. It transforms your JavaScript functions into custom bytecode that runs on a virtual machine embedded in the output. The original logic is completely hidden — no JavaScript to reverse-engineer.

Need help?

If you encounter any problems with VM obfuscation, please report them to support@obfuscator.io. See the Troubleshooting guide for what to include.

See Before & After Example

In this section

Targeting Functions

Selectively VM-obfuscate only sensitive functions for optimal performance.

Direct eval Behavior

Why direct eval() disables VM obfuscation, and how to avoid the pitfall.

Strict Mode Compatibility

Declare strict mode so the VM compiles correct bytecode.

VM Self Defending

Tamper detection, anti-hooking, and anti-agent protection for the VM runtime.

VM Debug Protection

Anti-debugging measures for VM-protected code.

How VM Transforms Code

What the VM keeps visible vs. hides, and how to protect function names.

Using the NPM Package

Apply VM obfuscation from your build pipeline via the npm package.

Troubleshooting

Narrow down issues and report them with the information we need to fix.

Getting Started

Targeting Functions