FireflyProtector Documentation
Everything you need to install, integrate, and get the most out of FireflyProtector and the wider protection toolkit. Browse the Quick Start, pick the right product for what you are protecting, or jump to the error-handling reference when something goes wrong.
Getting Started
FireflyProtector is a suite of code-protection and analysis tools. Some run entirely in your browser on this site; others are desktop applications you download. This page explains what each one does, how to start using it, and how to recover from common errors — without exposing internal protection mechanics.
.exe/.dll → FireflyProtector;
private files on disk → HuTaoCrypt;
a .py script → PyConfuser;
a .js script → JS-Reactor;
a .lua/Luau (Roblox) script → LuaVirtualBox;
obfuscated Lua you want to reconstruct → WeAreDevs Deobfuscator.
Installation
The web tools need nothing but a modern browser. The desktop tools install like any normal application. Pick the path that matches the product you want to use.
Web tools No install
PyConfuser, JS-Reactor and LuaVirtualBox run entirely in your browser at their tool pages — nothing to download or install. You do need a free, email-verified account to open an editor.
HuTaoCrypt Desktop
Download the installer or package for Windows (x64), Arch or Debian Linux from the HuTaoCrypt downloads section. The app is self-contained — no extra runtime is required.
FireflyProtector Coming Soon
The native protector is still in development. When it ships, installation steps will appear here. For now, treat the product notes as a preview of what is being built.
Quick Start
Three steps to protect your first script with any of the web tools:
Sign in & verify your email
The editors require a logged-in, email-verified account. If you hit
HTTP 401 you are not signed in; HTTP 403 means your
email is not verified yet.
Paste your source & choose options
Drop your code into the editor and toggle the protection layers you want. Most layers are enabled by default — turn off the heavy ones (VM, control-flow flattening) if you need smaller or faster output.
Obfuscate, then copy or download
Pass the captcha, click Obfuscate, watch the terminal pane for status, then copy or download the result. Always keep your original source — protection is irreversible.
Documentation Sections
Detailed, per-product reference for each tool in the ecosystem.
FireflyProtector
Native Virtualization SDK for x64 EXE, DLL & ELF targets.
A native desktop protector that applies full-function virtualization, anti-debug, anti-VM, anti-tamper and licensing to compiled applications. The SDK targets x64 EXE, DLL and Linux ELF / .so outputs. Function virtualization can be targeted by PDB or by markers.
Supported input
- Windows x64
.exeand.dllfiles (PE). - Linux ELF /
.sotargets (in development). - It does not process .NET/CLR managed assemblies.
Security options (user-facing)
- Anti-Dump — prevents memory dumping of the protected process.
- Anti-Debugging — detects debuggers; configurable level (1–3) and policy (Desktop / VM Allowed / High Risk).
- Anti-VM — detects VMWare, VirtualBox, Virtual PC, Sandboxie, Hyper-V, Parallels and QEMU; each can be toggled individually.
- Anti-Sandbox — refuses to run inside analysis sandboxes.
- Anti-Monitor — blocks screen-capture and monitoring tools.
- Virtualization — full native-code virtualization with bytecode encryption, mutation and trash generation sliders.
- Entry Point Virtualization & Native Packing — virtualize the entry point and pack the output.
- Anti-Tamper — integrity checks; the app refuses to run if patched.
- HWID Lock, Time Limit & Region Lock — bind output to specific hardware, an expiry date, or allowed regions.
- FireflyWrapper — secure in-memory launcher with parent-child authorization.
- Designer — fully custom user-facing messages and branding.
PyConfuser
Web-based Python source obfuscator.
A professional-grade Python obfuscator that parses your source into an AST and applies multiple independent transformation passes, wrapping the result in a custom virtual machine. Runs entirely in the browser at /python-obfuscator — no download required.
| Input / output | Details |
|---|---|
| Format | Python .py source pasted into the editor. .pyc is not accepted. |
| Target Python | 3.9 – 3.14 (the engine supports this range) |
| Max size | 5 MB |
| Output | A single obfuscated .py file — copy or download (obfuscated.py) |
Protections (all on by default)
An Intensity Preset slider (Low → High, default High) drives how many of these layers are stacked on, from rename-only up to the full virtualization stack.
cryptography package. On the target machine, install it with
pip install cryptography.
JS-Reactor
Web-based JavaScript obfuscator with AST virtualization.
A JavaScript obfuscator that parses source into an AST and rewrites the logic into a custom, polymorphic bytecode VM — every build produces unique output. Runs in the browser at /js-reactor.
| Input / output | Details |
|---|---|
| Format | Valid JavaScript source pasted into the editor |
| Max size | 5 MB |
| Output | Protected JavaScript — copy or download as protected.js |
Protections (all on by default)
HTTP 503. Watch the
Changelog for status updates.
LuaVirtualBox
Web-based Lua / Luau obfuscator, Roblox-ready.
A Lua obfuscator that translates readable source into a VM-based protected program, constrained to Lua 5.1 / Luau semantics so the output runs in Roblox. Runs in the browser at /lua-virtualbox. Before the editor opens you pick an engine version on the chooser page.
| Input / output | Details |
|---|---|
| Lua versions | Lua 5.1 and Luau (Roblox). Lua 5.2+ _ENV is not supported. |
| Max size | 5 MB |
| Output | A protected .lua file — copy or download (obfuscated.lua) |
Two engines
- Legacy 1.0.4 — Compact — fast loading, best for Roblox-style scripts. Adds a Preset dropdown (Roblox / Luau, Balanced, Maximum Security) plus Beautify Output and VM Shuffle toggles.
- Current 1.3.0 — Max protection — strongest public output; intentionally exposes only the three presets.
VM profiles
- Min — lightest preset; best when size matters.
- Med — balanced protection with stronger output.
- Max — strongest preset; largest and heaviest.
HuTaoCrypt
Desktop encrypted file vault.
A desktop application that stores sensitive files inside password-protected vaults, encrypting them in place with AES-256. Images, video, audio, PDFs and text can be previewed directly inside the app without writing decrypted copies to disk. Fully offline — no cloud account or remote service is required.
| Platform | Package | Version |
|---|---|---|
| Windows (x64) | HuTaoCrypt_Setup.exe | 1.0.4 |
| Arch Linux | .pkg.tar.zst | 1.0.0 |
| Debian / Ubuntu | .deb | 1.0.0 |
Download from the HuTaoCrypt downloads page. The builds are self-contained (no separate runtime needed). macOS is not supported; the Linux builds currently lag behind Windows.
Basic usage
- Create a vault — pick a source folder, name the vault, set a password; files are encrypted in place.
- Unlock — locked vaults stay sealed until the correct password is entered.
- Browse & preview — view images, video, audio, PDFs and text directly inside the app.
- Use built-in tools — scan for unencrypted files, strip metadata, shred leftovers, generate passwords, or encrypt short text.
- Configure — theme, transparency, auto-lock, inactivity timeout and vault paths.
.hutaobackup export) so a lost machine does not mean lost data.
WeAreDevs Deobfuscator
Trace-based reconstruction for obfuscated Lua (self-hosted).
A defensive analysis tool that reconstructs obfuscated Roblox/Lua scripts back into readable Lua by simulating a mock environment, hooking environment calls, and translating execution traces. The hosted web version has been intentionally removed — running reconstructed Lua server-side is an inherent remote-code-execution risk.
The tool is distributed as source you run locally from its public repository. Requirements: Python 3; a Lua 5.1 executable is already bundled in the repo.
Error Handling
Common errors across the web tools, what they mean, and what to do. Most failures return a numeric HTTP status — match it to the row below.
| Status | Meaning | What to do |
|---|---|---|
400 |
Invalid payload — code is not a string or options are missing. | Refresh the editor and resubmit. Ensure you pasted text, not a file object. |
401 |
Authentication required. | Sign in, then reopen the editor. |
403 |
Email verification required, captcha failed, or invalid CSRF token. | Verify your email from your profile; re-run the captcha; reload the page. |
405 |
Method not allowed. | Use the editor's Obfuscate button — do not call the endpoint directly. |
413 |
Code exceeds the maximum size limit of 5 MB. | Split the file or reduce its size, then retry. |
429 |
Rate limit exceeded (one submission per 10 seconds per IP). | Wait 10 seconds before the next submission. |
500 |
Obfuscation failed or timed out (30-second server cap). | Use a lighter preset, virtualize a smaller input, and retry. |
503 |
JS-Reactor Web IDE is temporarily offline for maintenance. | Retry later; check the Changelog for status. |
410 |
WeAreDevs hosted processing is permanently gone. | Use the self-hosted GitHub/GitLab releases instead. |
FireflyProtector error codes
FireflyProtector reports numeric hex codes instead of messages, by design. The most common ones:
| Code | Meaning |
|---|---|
0x10 | Administrator rights required. |
0x11 | Architecture mismatch — a 64-bit target is required. |
0x12 / 0x13 | Integrity / tamper error — re-protect the file. |
0x15 | Online time-check connection failed. |
0x20 / 0x21 | Security alert — close background analysis tools. |
0x40 / 0x41 | Watchdog alert — a debugger or watcher was detected. |
protector_runtime.log,
your Machine ID (if licensing is involved), and the exact error code. Send them through
a private Discord ticket — never in a public channel, because logs
may contain sensitive information.