Last updated 2023-05-10 15:55:21

What Is Code Obfuscation?

Table of contents


Code obfuscation is the art of mangling code in other to make it hard to understand but can still be processed by a compiler [→] or interpreter [→].

Use Cases and Examples

Here is an example of a source code and its obfuscated version.


01: function adder(a,b) { 02: return a+b; 03: } 04: console.log(adder(1,2)); // 3

Obfuscated version

01: function _0x4d54(){var _0x18a909=['13531584fdTzaM','222872TGmnEy','851432oTVLov','20mHGLJV','503130wGVNmN','123WnocgB','133UmiAFm','78fRSXyR','1825569oolImR','log','71756ADmkcw','301265ttwfTB'];_0x4d54=function(){return _0x18a909;};return _0x4d54();}var _0x83888b=_0x57c8;(function(_0x3cf8cc,_0x3c9489){var _0x51917f=_0x57c8,_0x211690=_0x3cf8cc();while(!![]){try{var _0x235081=-parseInt(_0x51917f(0x1da))/0x1+parseInt(_0x51917f(0x1dc))/0x2+parseInt(_0x51917f(0x1dd))/0x3*(parseInt(_0x51917f(0x1e2))/0x4)+parseInt(_0x51917f(0x1e3))/0x5*(-parseInt(_0x51917f(0x1df))/0x6)+-parseInt(_0x51917f(0x1de))/0x7*(parseInt(_0x51917f(0x1d9))/0x8)+-parseInt(_0x51917f(0x1e0))/0x9*(-parseInt(_0x51917f(0x1db))/0xa)+parseInt(_0x51917f(0x1e4))/0xb;if(_0x235081===_0x3c9489)break;else _0x211690['push'](_0x211690['shift']());}catch(_0x2c531a){_0x211690['push'](_0x211690['shift']());}}}(_0x4d54,0x70060));function _0x57c8(_0x1465c5,_0x25a6d8){var _0x4d541e=_0x4d54();return _0x57c8=function(_0x57c84c,_0x2d9273){_0x57c84c=_0x57c84c-0x1d9;var _0x5ebd89=_0x4d541e[_0x57c84c];return _0x5ebd89;},_0x57c8(_0x1465c5,_0x25a6d8);}function adder(_0x4454d3,_0x56d64a){return _0x4454d3+_0x56d64a;}console[_0x83888b(0x1e1)](adder(0x1,0x2));

Try running both code samples above and you will end up with the same result, however, the latter is a lot harder to read and to understand.

Some teams obscure their code to prevent preying eyes from understanding what is happening and making successful changes. This is something a team is likely to do if the software is created using an interpreted programming language and deployed on a customer's server.

Some people also do it for the fun of it.


Modern-day code minification can also be seen as some form of obfuscation.

Most of the code becomes unreadable since short-form variables are used and all forms of indentation and spacing that help make code readable are removed as well.

Here is another article you might like 😊 "Diary Of Insights: A Documentation Of My Discoveries"