AutoIt Obfuscator version history

AutoIt Obfuscator version history with changes and bugfixes to the obfuscation engine, Windows client versions and WebAPI interface.

Engine history


  • Avoid replacing WinApi constants with numeric values when they are declared in the source code, e.g. Global Const $CBS_DROPDOWNLIST = 3


  • Support for enumerations without a Local or Global scopes e.g. Enum $eIncr0, $eIncr2, $eIncr4
  • Support for enumerations without a Local or Global scopes, and a custom Step counter e.g. Enum Step * 4 $eIncr0, $eIncr2, $eIncr4
  • Variables renaming fixed
  • Speed up the variable renaming routine


  • Avoid renaming variables if they were not declared within the script because they could be constants from other included files. For example, unrecognized constants from other includes like $COLOR_WHITE or $COLOR_white won't be renamed anymore (thx MMOMinion)


  • Fixed For $i = 1 To 100 Step function($param) handling (thx Brockc)


  • Fixed For $item In $collection handling (thx Brockc)


  • Fixed handling of comment blocks #cs & #ce followed by a new line (thx Mike A.)


  • Added handling of arrays initialization with an empty declared length e.g. $array[] = [1, 2, 3]


  • Added support for direct access to array items returned by functions e.g. $nResult = DllCall('shlwapi.dll', 'int', 'StrCmpLogicalW', 'wstr', $sVal1, 'wstr', $sVal2)[0]


  • Added handling of arrays initialization without a declared length e.g. $array = [1, 2, 3]



  • Fixed handling of floating point values without a trailing 0, e.g. $var = .123




  • Fixed handling of COM object properties assignment e.g. $ocrypt.CryptAlgorithm = "aes"


  • Added anti regular expression patterns e.g. Global $vx = Asc(StringMid("Random(18, 150 + SRandom(), 162)", 3, 1)) to prevent automatic deobfuscation with simplistic search & replace methods like these
  • Fixed handling of comment blocks #cs & #ce (thx Kao)


  • Long awaited parser upgrade to support COM object calls, like WMI components queries e.g. $objWMIService.ExecQuery(...) as well as the support for object properties e.g. MsgBox($objItem.FreeSpace)


  • Fixed handling of FileInstall() function. Its first parameter has to be a string literal, and now it's preserved in the obufscated code.


  • Proper handling of Null keyword


  • Change linear code execution flow to nonlinear version obfuscation strategy added
  • Added an automatic removal of #Region and #EndRegion pragmas
  • Many internal changes and bugfixes


  • A new obfuscation strategy - shuffle order of functions in the output source


  • Huge speed improvements due to the rewritten AST parsing engine logic


  • System variables $CmdLine and $CmdLineRaw are not renamed anymore


  • Initial release

Client history

v1.0.3 Python Module

  • Python module added to use AutoIt Obfuscator directly from the Python 3 scripts.


  • All binaries were digitally re-signed using Thawte digital certificate. Long story short - our previous certification company StartCOM was banned first from the major web browsers and now in 2019 from Microsoft Windows because of their shady business practices (issuing back dated certificates) and their main CA certificate was revoked, which resulted in blocking any software signed with their digital code signing certificates (even if it was valid till the end of 2019 like in our case). We had huge problems to get a new one with COMODO / Sectigo because of their dumb policies, that required us to be listed in commercial business DUNS directory (1600 USD for a listing) or to have a blue shield of verification on Google Maps (even if this program was discontinued because it required to have a Google Business and now defunct Google+ accounts linked together...). I've been trying to get this new certificate for more than 3 weeks with COMODO without a result and with tons of legal, notary signed company papers, utility bills send to them for verification, they didn't want to issue a code signing certificate no matter what. Finally I have tried to get it from Thawte, and after a simple business verification process, they granted us a new certificate after 2 days. I would like to apologize to all the customers for all the inconvenience in those days when you couldn't use our software.


AutoIt Obfuscator Linux command line version
  • All clients updated to support new anti regular expression deobfuscation patterns


AutoIt Obfuscator v1.3 main window on Ubuntu Linux
  • You can run both GUI and command line version on latest version


AutoIt Obfuscator v1.2 main window
  • Support added for the new code flow mixing obfuscation strategy
  • PHP SDK updated
  • Fixed a bug while saving settings to the Windows Registry


AutoIt Obfuscator v1.1 main window
  • Support added for the new obfuscation strategy
  • PHP SDK updated
  • fixed activation code passing in command line version (it's /ActivationCode and it was wrongly described as /ActivationKey)


AutoIt Obfuscator v1.0 main window
  • Initial release
  • Windows client
  • Command line version compatible with Windows and Linux (Mono)
  • WebAPI client with PHP usage examples

Any questions?

If you would like to ask me about AutoIt Obfuscator, or something's not clear, mail me. I'll be happy to answer all of your questions.