Closed Code, Open Protection

Nebula Obfuscation Framework

Advanced reverse engineering and static analysis protection for your JavaScript code

Try Nebula Obfuscator

See Nebula in action

Paste your JavaScript code in the box below to obfuscate. The result will appear in the second box.

Developer Integration

Want to use our framework in your own project? It's simple and fast. Just follow the steps below to integrate the CDN and the necessary HTML elements.

1. Add the CDN and Configuration

Add the following code to your HTML file, preferably in the <head> section, to load the library and define the obfuscation options. The license key is required to remove the watermark. The CDN is loaded asynchronously.

<script src="https://nebula.us.kg/cdn"></script>
<script>
  window.ObfuscatorConfig = {
    key: "YOUR_LICENSE_KEY_HERE",
    useEval: true // or false, depending on your preference
  };
</script>

2. Create the User Interface

Next, add the HTML elements so that the user can interact with the obfuscator. You will need two text areas, a button, and a space for messages.

<textarea id="inputCode" placeholder="Paste your original code here..." rows="10" cols="50"></textarea>
<textarea id="outputCode" placeholder="Your obfuscated code will appear here..." rows="10" cols="50" readonly></textarea>
<button onclick="obfuscateCode()">Obfuscate Code</button>
<div id="info"></div> <!-- (optional) -->

With these steps, the obfuscateCode() function will be available and functional on your page. Feel free to style the elements as you prefer to match your design.

Buy Premium License

● Removes watermark (Obfuscated by nebula.us.kg)

● Remove ads (Popunder)

○ One-time purchase

Document

Advanced Protection Against Reverse Engineering and Static Analysis

1. Introduction

Nebula is an advanced JavaScript code obfuscation system designed to protect intellectual property and sensitive algorithms against reverse engineering, static analysis, and unauthorized debugging. Using a fragmented key in volatile memory approach, Nebula ensures that cryptographic secrets never exist complete in memory, making key extraction extremely difficult even with memory analysis or dumping techniques.

2. Core Principles

2.1. Dynamic Key Fragmentation

  • Ephemeral Keys: Secrets are split into independently generated dynamic fragments.
  • Non-Persistence: No fragment remains intact in memory after use.
  • Obfuscation Layers: Multiple techniques of interleaving, dynamic XOR, and random noise are applied.

2.2. Anti-Debugging and Anti-Analysis

  • Hostile Environment Detection: Identification of debuggers, devtools consoles, and virtualized environments.
  • Adaptive Response: Non-deterministic behavior under detected threats.

2.3. Multi-Layer Obfuscation

  • Sequential Transformations: Code is processed through multiple encoding and encryption stages.
  • Active Decoys: Fake fragments and ghost variables are injected to confuse static analysis.

3. System Architecture

3.1. Fragment Generation

The system uses:

  • Dynamic Seeds: Based on system entropy and timestamps.
  • Random Interleaving: Real fragments are mixed with decoy data.
  • Unique Salts: Each execution generates new salts for XOR operations.

3.2. Secure Reconstruction

  • On-Demand Assembly: Keys are reconstructed only at the moment of use.
  • Integrity Verification: Checksums ensure no tampering occurred.
  • Self-Destruction: Keys are zeroed immediately after use.

3.3. Cryptographic Layer

  • Custom Algorithm: Based on modified RC4 with additional permutations and nonces.
  • Key Expandability: Expansion technique prevents frequency analysis.
  • Dual Stream: Two keystreams are combined for enhanced robustness.

4. Threat Mitigation

4.1. Reverse Engineering

  • Control Flow Obfuscation: Cryptic and non-linear logic.
  • Encoded Strings: No readable text remains in the final code.
  • Dynamic Variables: Variable names are randomly generated.

4.2. Memory Analysis

  • Volatile Fragmentation: Inability to capture complete keys.
  • Aggressive Cleanup: Sensitive data is overwritten immediately.
  • Non-Contiguous Allocations: Fragments are stored in unrelated regions.

4.3. Debugging and Tracing

  • Tool Detection: Identifies consoles, breakpoints, and code modifications.
  • Non-Deterministic Behavior: Responses vary under debugging.
  • Timing Traps: Performance checks detect tracing.

5. Applications

5.1. Intellectual Property Protection

  • Proprietary algorithms
  • Sensitive business logic
  • Licensing systems

5.2. Client-Side Security

  • Obfuscated API keys
  • Authentication tokens
  • Sensitive data in web applications

5.3. Fraud Prevention

  • Code anti-tampering
  • Compromised environment detection
  • Real-time tamper protection

6. Competitive Advantages

6.1. Unique Approach

  • Zero Complete Keys: Unlike solutions that store static secrets.
  • Continuous Adaptation: Techniques evolve with each execution.

6.2. Performance

  • Minimized Overhead: Optimized for client-side execution.
  • Fast Generation: Efficient fragmentation and reconstruction.

6.3. Analysis Resistance

  • Not Reliant on Base64: Custom encodings hinder automated decoding.
  • No Recognizable Patterns: Unique structure per execution.

7. Conclusion

The Nebula Framework represents a significant advancement in client-side code protection, offering proactive defenses against reverse engineering and static analysis. Its volatile fragmentation architecture and anti-debugging techniques provide a robust security layer without sacrificing performance.

For enterprise implementations or integration inquiries, contact our team.

Termos de Uso e Responsabilidade

O Nebula Obfuscation Framework é uma ferramenta de proteção de código JavaScript. Ao usar esta ferramenta, o utilizador concorda com os seguintes termos e condições:

1. Uso da Ferramenta: O framework é fornecido como uma ferramenta de segurança para proteger o código-fonte proprietário e os direitos de propriedade intelectual. Qualquer uso para fins maliciosos, ilegais ou para a ofuscação de código que viole os direitos de terceiros é estritamente proibido e de inteira responsabilidade do utilizador. O criador e/ou os proprietários da ferramenta não se responsabilizam por tais usos.

2. Limitação de Responsabilidade: A ferramenta é fornecida "tal como está" (as-is), sem garantias de qualquer tipo, expressas ou implícitas. O utilizador assume todos os riscos associados ao uso do software, incluindo mas não se limitando a danos, perdas de dados, ou falhas no sistema. Em nenhuma circunstância o criador da ferramenta será responsabilizado por quaisquer danos diretos, indiretos, incidentais, especiais, punitivos ou consequenciais que resultem do uso ou da incapacidade de usar o framework.

3. Responsabilidade do Utilizador: O utilizador é responsável por garantir que tem o direito legal de ofuscar o código que insere na ferramenta. Ao utilizar o framework, o utilizador garante que o código não contém conteúdo ilegal ou que viola direitos de autor, patentes, marcas registadas ou segredos comerciais de terceiros. A responsabilidade por qualquer litígio legal decorrente do uso inadequado da ferramenta é do utilizador.

Ao continuar a usar o Nebula Obfuscation Framework, o utilizador confirma que leu, compreendeu e concordou com todos os termos e condições descritos acima.