JSDefender Features

JSDefender™ secures your JavaScript apps against tampering, misuse and data theft using sophisticated obfuscation and active protection techniques.

Some example transforms include:

TransformDescription
DomainLockAllows binding the code to a specific domain (or its subdomains). When the code running in the browser originates from a non-matching domain, it breaks with an error.
BooleanLiteralsTransforms the false and true literals to other expressions that result in the same false and true values, respectively.
IntegerLiteralsTransforms integer literals to other (less obvious) expressions that result in the same value when evaluated. It can also transform all integer literals to a specific radix (binary, decimal, hexadecimal, or octal).
PropertyIndirectionTransforms direct property access to indirect property access.
StringLiteralsExtracts string literals into variables and initializes those variables from encoded string literals. Replaces the original string with the corresponding variables.
LocalDeclarationMangles the names of local declarations.
DebuggerRemovalRemoves information from production code that can help hackers inspect your code.
ControlFlow ProtectionObfuscates the program’s control flow by adding opaque predicates or dead code and flattening the control flow.
Function ReorderingMoves functions from their original locations to a new one in the same lexical scope. When the *randomize* option is turned on, it sets the new location randomly.
Tamper DetectionWraps critical code with guarding functions, which check at runtime for modifications. Tampered code will not run correctly.
Date LockInjects code into the protected source, which tests if the current date is in a particular interval. If so, the code runs normally; otherwise, it can either exit or run a custom script.
Expression Sequence ObfuscationCollects adjacent expression statements in the code and joins them into an expression sequence that is harder to understand.
Property SparsingTransforms object literal expression assignments into multiple assignment statements to make them harder to read.
Variable Grouping ProtectionSeparates variable declarations and initializations; it moves the declaration part to the end of the declaration scope.

What does protected & obfuscated JavaScript look like:

BEFORE

BankABC.fundingSources.create('1xM821zkPUob1dmeNfhJedI1h5JkFRoC3Ja9Y8SLXp0EStArMT', {
	routingNumber: getVal('routingNumber'),
	accountNumber: getVal('accountNumber'),
	type: getVal('type'),
	name: getVal('name')
}, function (err, res) {
	console.log('Error: ' + JSON.stringify(err) + ' -- Response: ' + JSON.stringify(res));
});
customer_url = 'https://api-sandbox.BankABC.com/customers/AB993D36-3757-69C1-C3B4-29727FB3111C'
	customer = app_token.post("#{customer_url}/funding-sources-token")
	$('form').on('submit', function () {
		BankABC.configure('sandbox');
		var token = 'X9Bv3NuSrML7Ke1mcGmCT0EpwW34GSmDaYP09UfCpeWde46Jug';
		var bankInfo = {
			routingNumber: $('routingNumber').val(),
			accountNumber: $('accountNumber').val(),
			type: $('type').val(),
			name: $('name').val()
		}
		BankABC.fundingSources.create(token, bankInfo, callback);
		return false;
	});
function callback(err, res) {
	var $div = $('');
	var logValue = {
		error: err,
		response: res
	};
	$div.text(JSON.stringify(logValue));
	console.log(logValue);
	$('#logs').append($div);
}

AFTER

var Acjgb=ghsgb("uf}wz}t@|fapv`");var cemgb=ghsgb("pavrgv");var wZcgb=ghsgb
('\x22k^+!\x22ixCF|q\x22w~v]u{YvwZ\x22{&YxUA|P Yr*J+@_Kc#V@gRa^G');var 
Yaggb=ghsgb("a|fgz}t]f~qva");var sWWfb=ghsgb("rpp|f}g]f~qva");var UXZfb=ghsgb
("gjcv");var oTQfb=ghsgb("}r~v");var QUTfb=ghsgb("\x7F|t");var QoHgb=ghsgb
('Vaa|a)3');var sqKgb=ghsgb("`gaz}tzuj");var MlBgb=ghsgb('3>>3Av`c|}`v)3');var 
onEgb=ghsgb('{ggc`)<`r}wq|k=Qr}xRQP=p|~ 
$&$>%*P\x22>P Q\x27>!*$!$UQ \x22\x22\x22P');var Iivgb=ghsgb("c|`g");var 
kkygb=ghsgb("0hpf`g|~vaLfa\x7Fn`|fapv`>g|xv}");var Efpgb=ghsgb
('u|a~');function ghsgb(QIuhb){var kElhb="";for(var MFohb=0;MFohbQIuhb.
length;MFohb++){kElhb+=String.fromCharCode(QIuhb.charCodeAt(MFohb)^0x13);}
return kElhb;}var gBfhb=ghsgb("|}");var ICihb=ghsgb('`fq~zg');var cyZgb=ghsgb
("p|}uztfav");var Ezchb=ghsgb('`r}wq|k');var YuTgb=ghsgb('K*Qe ]f@a^_$Xv\x22~
pT~PG#VcdD \x27T@~WrJC#*FuPcvDwv\x27%Yft');var AwWgb=ghsgb
("er\x7F");var UrNgb=ghsgb('');var wtQgb=ghsgb("vaa|a");var wNDhb=ghsgb("av`c|}`v");
var YOGhb=ghsgb("gvkg");var sKxhb=ghsgb('0\x7F|t`');var ULAhb=ghsgb("rccv}w");
(BankABC[Acjgb][cemgb](wZcgb,{[Yaggb]:getVal(Yaggb),[sWWfb]:getVal(sWWfb),
[UXZfb]:getVal(UXZfb),[oTQfb]:getVal(oTQfb)},function(ofqeb,Qgteb){console
[QUTfb](QoHgb+JSON[sqKgb](ofqeb)+MlBgb+JSON[sqKgb](Qgteb));}),
customer_url=onEgb,customer=app_token[Iivgb](kkygb),$(Efpgb)[gBfhb](ICihb,
function(){BankABC[cyZgb](Ezchb);var kckeb=YuTgb;var Mdneb={[Yaggb]:$
(Yaggb)[AwWgb](),[sWWfb]:$(sWWfb)[AwWgb](),[UXZfb]:$(UXZfb)[AwWgb](),
[oTQfb]:$(oTQfb)[AwWgb]()};BankABC[Acjgb][cemgb](kckeb,Mdneb,oHrhb);
return (NaN===NaN);}));function oHrhb(gZdeb,Iaheb){var cWXdb=$(UrNgb);var 
EXaeb={[wtQgb]:gZdeb,[wNDhb]:Iaheb};cWXdb[YOGhb]
(JSON[sqKgb](EXaeb)),console[QUTfb](EXaeb),$(sKxhb)[ULAhb](cWXdb)}

Try it yourself with our Online Demo.

Protect Your Apps & Data and Reduce Risk Today