You can view our update history here.
- Added a Crasher setting to keep class debug information from being modified.
- Task specific exclusion makes it easier to handle obfuscation incompatibilities.
- Member name exclusion is now also matched (e.g: "foo/bar/MainClass#*ain" excludes method "main" and "gain")
- More debug remover settings
- Renamer now renames local variables to used class names instead of deleting local variable names
- Descriptor obfuscation: Changes method parameters and field types to generic types to make it harder to identify what a members function is
- Don't override jar file comment if already present.
- "No compression" setting for spring boot jars.
- Fix for "Malformed class name" error caused by Renamer.
Android plugin: 1.1.4
- More detailed error logging.
- Fixed "Invalid JSON near position: 0" bug when using the Android API.
- Huge website look and functionality update.
- Implementation of a few task specific settings.
- Fixed a very rare bug in the flow obfuscation that caused an illegal exception table range error.
- Fixed a small bug in the flow obfuscation that caused a VerifyError.
- Flow obfuscation is now harder to reverse or decompile.
- Renamer now handles special metafactory lambdas. In some cases it now also keeps package names instead of keeping the full name (e.g. when getResource is used).
- Fixed that in a special case a class was replaced with a newly generated one.
- Fixed reflection reference obfuscation not obfuscating important classes on very small jars.
- Instantiation coverage now also covers virtual method invocations and was renamed to "Runtime coverage".
- Updated copyright notice of the Branchlock runtime.
- Sped up obfuscation process (mostly flow obfuscation).
- Renamer now handles custom annotations with values.
- Lib exclusion is now done before re-including.
- New Renamer algorithm, which fixes some AbstractMethodErrors, but takes a bit longer than the old one.
- Fixed a rare bug when Flow obfuscation, Renamer and Reflection reference obfuscation are used resulting in a ClassNotFoundException.
- Improved reflection handling for Renamer.
- Improved loading and saving speed.
- Fixed a bug in reference reflection obfuscation that threw the NoClassDefFoundError caused by unresolved class references in the static initializer instead of the method that contains the reference.
- Fixed a bug in yesterdays update that caused some tasks not to function together. Apologies from our side.
- Small changes to the reflection reference obfuscation which makes it a bit more lightweight and flexible.
- Fixed reflection obfuscation sometimes ignoring
- Fixed reflection obfuscation throwing NullPointerException instead of NoSuchMethodError / NoSuchFieldError on unresolved references.
- Demo now only obfuscates 2 methods per class instead of excluding 40% of all classes.
- Exclude methods with
**#mainwould e.g. exclude all main methods.
?javax/swing/JPanel#paintwould exclude all paint methods of all JPanel classes. Use
constfor constructors and
staticfor static initializers.
- Updated Renamer to support method exclusion and improved exclusion handling.
- Fixed reflection reference obfuscation for java 1.4 or lower classes (including Groovy runtime classes).
- Improved flow obfuscation in strength and performance and fixed a bug that caused an IllegalAccessError.
- Stacktrace encryption now cuts the file type (eg.
MyMainClass) to save unnecessary file size.
- Fixed a bug in the obfuscation panel that prevented licensed users from obfuscating
- Keep Renamer from renaming fields, methods or classes if they have a
- Fixed a bug in reflection reference obfuscation that caused the application to crash in a certain case.
- Added a separate debug information remover task instead of letting Scrambler remove debug information.
- Improved performance of the reflection reference obfuscation.
- Hotfix for the enhanced string encryption mode.
- Small optimization in the compatibility string encrypton.
- Fixes Branchlock creating version 52 classes in certain cases instead of supporting lower versions.
- New reference encryption mode: "Reflection mode". Supports java versions below 8, is Android compatible and has low impact on the file size (~17%). Equally secure as dynamic mode.
- Fixed another rare "UTF-8 vector too large" bug in compatibility string encryption.
- Number obfuscation now extracts often occurring numbers to variables to save file size and performance.
- Increased performance of compatibility string encryption and fixed a rare "UTF-8 vector too large" bug.
- Improved illegibility of number encryption.
- Moved switch encryption to number encryption.
- "serialVersionUID" fields are not inlined by number encryption anymore.
Android plugin: 1.0.2 - 1.1.1
- Fixed a bug that was caused when multiple libraries had overlapping classes.
- Library classes are now converted to stubs to save upload time. (
fullLibCode = truecan disable that)
- Using own exceptions now for better handling.
2.0.0 (Android update)
We are happy and proud to introduce Android support, which was not easy to implement, because Android behaves very differently from the desktop JVM, but we managed to make most of Branchlock compatible with Android, including Android 11. You may encounter some bugs at the beginning, but we would be glad if you tested it on your Android applications, if you are developing some currently. Branchlock is the first obfuscator to use a gradle plugin to do the work for you. You also can use Branchlock in combination with ProGuard, for even more protection.
- Android support introduction, including most tasks.
- Anti root task for android, which checks for root and suspends the app if it is detected.
- Obfuscator performance improvements.
- Fixed a bug in Scrambler that caused a crash when using custom annotations.
- New string encryption mode "compatibility" that is faster than the current enhanced mode and compatible with old java versions, as well as android.
- Removed heavy reference encryption mode.
- More android compatibility preparation.
- Fixed a bug that caused a NPE when a program obfuscated with references that contained a class in the root package which is referenced, is run with java 8.
- Made (enhanced) reference encryption android compatible and a bit more secure. Heavy reference encryption will be removed soon, as it won't be updated anymore.
- Number encryption is now even more illegible for byte range terms.
- Partial android support (in-dev).
- Fixes a rare bug that crashes the obfuscator without leaving any log or output file.
- Non-printable name generation mode: Messes up decompilers with new-line indicators and low ascii characters.
- Option to exclude libraries from obfuscation automatically.
- Exclude classes that are assignable to certain class by using the
?javax/swing/**will exclude all classes that are assignable to a class in the package
?java/lang/Objectwould for example exclude everything. This operator can also be used for reincluding.
- Generalize access also removes synthetic modifiers now
- Renamer now only updates the access of members that need to be updated to avoid access errors instead of making all members public
- Method references to methods with a @CallerSensitive annotation are not getting encrypted anymore in reference obfuscation.
- Fixes a bug in light reference obfuscation that caused some extremely rare cases to get resolved incorrectly (reference wrongly points to a method in a parent class with the same name of the actual method).
- Heavy reference encryption is now deprecated, as light reference obfuscation is now out of the experimental stage.
- Fixes an enhanced reference obfuscation bug that is caused when a static method with the same name as a non-static method exists in a parent class of the owner class containing the non-static method. (java.lang.invoke.WrongMethodTypeException: cannot explicitly cast MethodHandle... to (Object,...))
- Fixes constant tag error caused by string obfuscation.
- Fixes analyzer errors in the output log when using flow obfuscation.
- Huge flow obfuscation improvements. Monitor instructions and ugly try catch blocks now make your code really hard to read. It also doesn't process as long as it did before.
- Stacktrace encryption for better analysis of crashes without the need for ReTrace. The stacktraces of your users can be decrypted in the stacktrace panel right next to the obfuscator using your secret key. This makes crash analysis much easier.
- Flow encryption is now processed faster and encrypts
- Number encryption now also encrypts floating point constants.
- Fixes a duplicate method definition bug in enhanced reference encryption.
- Scrambler now makes lambdas harder to decompile.
- Branchlock classes are now also placed in random packages.
- String encryption now takes a bit less file size and also encrypts static final String fields.
- Number encryption now also encrypts static final int / long fields.
- Fixes a bug that caused an "Illegal class name" exception.
- Fixes a bug that left callsite methods and fields unobfuscated.
- Let the user choose if branchlock should adapt their class and method names to the provided class and method names (Adaptive mode) or use weird characters instead (that could crash decompilers / tools).
- Demo now only excludes 60% of the classes if more than 25 classes are obfuscated instead of 5.
- Instantiation coverage: Hide runtime instantiations like
new IllegalStateException(). Lightweight but effective.
- Fixes a way to bypass anti-debug.
- Scrambler now also makes switch statements harder to read. Can be combined with number obfuscation.
- Fixes a static method resolvation bug in enhanced reference encryption.
- The function "Import from pom.xml" was added. You can now upload your pom.xml file and Branchlock will automatically download the libraries from the repositories via maven.
- New execution order to ensure more encryption with certain execution combinations.
- Number obfuscation is now more dynamic and the impact on the file size is less divergent.
- Enhanced reference obfuscation is now harder to decompile, but may be a bit slower at initialization.
- Hardens number obfuscation even more, which also makes reference and string encryption more difficult to decrypt, especially when used in a combination.
- Fixes a NullPointerException during string obfuscation.
- Fixes a bug that causes a ClassCastException due to the reference obfuscation of
- Number obfuscation: Obfuscates whole number constants (ints and longs). Unusual constants like
-1880695587are protected more than more occuring ones like
- The JVM-argument
-noverifywas removed from the anti-debug check, as some programs depend on it.
- Other executions now make use of the number obfuscation for even more protection.
- Anti-debug: Disables certain debugging methods that could be useful for potential attackers. Should be used in combination with reference obfuscation, as it makes it harder to remove.
- Fixed a bug that caused the obfuscator to crash when everything is excluded.
- Count of excluded / re-included classes is now logged again.
- Scrambler now scrambles integer / long multiplications and divisions with one constant.
- Improved string obfuscation. Faster and safer.
- General optimizations.
- Access generalizer: Removes all access modifiers that could help a possible reverse engineer. Makes it harder to identify which fields are changed and which remain unchanged.
- Improved flow obfuscation, while keeping file size.
- A demo version is now available for all registered users.
- Added a feature to shuffle class members.
- Scrambler now affects fields too.
- Rewrote the whole class loading, excluding and execution process. This lead to an increasage of obfuscation speed.
- Several things were optimized for a better performance of the output file.
- Fixed some minimal typing mistakes.
- Increased performance and decreased size of reference obfuscation by a small bit (heavy mode).
- Crasher now also confuses zip-extraction programs.
- Better logging messages at exporting.
- Fixed a bug that caused both reference obfuscation modes to throw an AssertionError sometimes (but very unlikely)
- Fixed a bug that caused some field references to get resolved wrongly in the experimental mode. This required to increase the output file size percentage a bit (by 5 - 10 percent), but makes it more stable.
- Obfuscation tasks now check for compatibility before obfuscating a class.
- Fixed a bug in experimental reference obfuscation that caused field references to resolve wrongly.
- Improved performance of output files a little.