AutoIt Obfuscator version history

Engine history

v1.9

• Fixed handling of For loops with steps e.g. For $i = 5 To 1 Step -1
• Fixed handling of enumerations with steps e.g. Local Enum Step *2 $eFoo1, $eFoo2

v1.8

• Added explicit variables declaration to pass Opt("MustDeclareVars", 1)

v1.7

• Fixed handling of COM object properties assignment e.g. $ocrypt.CryptAlgorithm = "aes"

v1.6

• Added anti regular expression patterns e.g. Global $vx = Asc(StringMid("Random(18, 150 + SRandom(), 162)", 3, 1)) to prevent automatic deobfuscation with simplistic search & replace methods like these
• Fixed handling of comment blocks #cs & #ce (thx Kao)

v1.5

• Long awaited parser upgrade to support COM object calls, like WMI components queries e.g. $objWMIService.ExecQuery(...) as well as the support for object properties e.g. MsgBox($objItem.FreeSpace)

v1.4

• Fixed handling of FileInstall() function. Its first parameter has to be a string literal, and now it's preserved in the obufscated code.

v1.3

• Proper handling of Null keyword

v1.2

• Change linear code execution flow to nonlinear version obfuscation strategy added
• Added an automatic removal of #Region and #EndRegion pragmas
• Many internal changes and bugfixes

v1.11

• A new obfuscation strategy - shuffle order of functions in the output source

v1.1

• Huge speed improvements due to the rewritten AST parsing engine logic

v1.01

• System variables $CmdLine and $CmdLineRaw are not renamed anymore

v1.0

• Initial release

Client history

v1.5

• All binaries were digitally re-signed using Thawte digital certificate. Long story short - our previous certification company StartCOM was banned first from the major web browsers and now in 2019 from Microsoft Windows because of their shady business practices (issuing back dated certificates) and their main CA certificate was revoked, which resulted in blocking any software signed with their digital code signing certificates (even if it was valid till the end of 2019 like in our case). We had huge problems to get a new one with COMODO / Sectigo because of their dumb policies, that required us to be listed in commercial business DUNS directory (1600 USD for a listing) or to have a blue shield of verification on Google Maps (even if this program was discontinued because it required to have a Google Business and now defunct Google+ accounts linked together...). I've been trying to get this new certificate for more than 3 weeks with COMODO without a result and with tons of legal, notary signed company papers, utility bills send to them for verification, they didn't want to issue a code signing certificate no matter what. Finally I have tried to get it from Thawte, and after a simple business verification process, they granted us a new certificate after 2 days. I would like to apologize to all the customers for all the inconvenience in those days when you couldn't use our software.

v1.4

• All clients updated to support new anti regular expression deobfuscation patterns

v1.3

• You can run both GUI and command line version on latest Mono version

v1.2

• Support added for the new code flow mixing obfuscation strategy
• PHP SDK updated
• Fixed a bug while saving settings to the Windows Registry

v1.1

• Support added for the new obfuscation strategy
• PHP SDK updated
• fixed activation code passing in command line version (it's /ActivationCode and it was wrongly described as /ActivationKey)

v1.0

• Initial release
• Windows client
• Command line version compatible with Windows and Linux (Mono)
• WebAPI client with PHP usage examples