Support Center

Help, exactly when you need it.

Guides, community, and direct help for every tool in the FireflyProtector ecosystem — FireflyProtector, LuaVirtualBox, PyConfuser, JS-Reactor, HuTaoCrypt and more.

FAQ

Frequently asked questions

The search box above filters these in real time. Can’t find your answer? Reach us on Discord.

Getting started

What is the difference between each tool in the ecosystem?
Seven tools, each with a distinct job: FireflyProtector protects native Windows x64 EXE/DLL files. HuTaoCrypt is an encrypted local file vault. LuaVirtualBox obfuscates Lua/Luau (Roblox-ready). PyConfuser obfuscates Python 3.9–3.14 source. JS-Reactor obfuscates JavaScript. Vector Zero is a desktop shell that runs several of these protectors together. The WeAreDevs Deobfuscator is a defensive analysis tool that reconstructs obfuscated Lua.
Which tool should I use?
Match it to what you are protecting: a Windows .exe/.dllFireflyProtector; private files on disk → HuTaoCrypt; a .lua script or Roblox Luau → LuaVirtualBox; a .py script → PyConfuser; a .js script → JS-Reactor; one protected workflow across languages → Vector Zero. The More Tools page summarises availability and current status for each.
Where can I read full documentation?
The Documentation hub covers every product in one place — getting started, per-product reference (including the FireflyProtector error-code table in the Error Handling section), and resources. The Changelog tracks what shipped in each release.
Which file should I attach when reporting an issue?
Grab the protector_runtime.log from your application directory, your Machine ID (HWID) if licensing is involved, and the exact error code you received (for FireflyProtector, see the table in the User Guide). These three things let us reproduce the problem quickly. Send them through a private Discord ticket — never in a public channel.

FireflyProtector

What does FireflyProtector protect, and on which platforms?
It protects native Windows x64 PE files — .exe and .dll. It requires a 64-bit Windows target and administrator rights when kernel-level features are enabled. It does not process .NET/CLR managed assemblies or Linux ELF binaries yet. If you see Error: 0x11, the target is not a 64-bit system.
What do the FireflyProtector error codes mean?
FireflyProtector reports numeric codes rather than messages, for security. Common ones: 0x10 administrator rights required, 0x11 architecture mismatch (x64 required), 0x12/0x13 integrity/tamper error (re-protect the file), 0x15 online time-check connection failed, 0x20/0x21 security alert (close background analysis tools), 0x40/0x41 watchdog alert. The full table with troubleshooting steps is in the Error Handling section of the docs.
How does FireflyProtector licensing and HWID locking work?
A protected binary can be bound to a Machine ID (HWID) and/or a time limit and region. The license lives on the target hardware; if that machine is rebuilt or changed, request a reset through your profile or in Discord so the license can be re-bound. DLL targets have a few restrictions — for example they cannot self-elevate or enforce a time limit the way a standalone EXE can.
Why did my protected program trigger a security alert (0x20/0x40)?
Those codes mean a debugger, monitoring tool, or external watcher process was detected while the program ran. Ask the user to close any background analysis, screenshot, or reverse-engineering tools and run the program again. If it reproduces on a clean machine with nothing else running, open a false-positive ticket.

HuTaoCrypt

Where are HuTaoCrypt vaults stored, and is there cloud sync?
Vaults are local-only. On Windows the metadata lives under %APPDATA%\HuTaoCrypt\vaults\; on Linux under ~/.local/share/HuTaoCrypt. There is no built-in cloud sync — anything you sync via your own cloud client is outside HuTaoCrypt’s control. Back up the vault location yourself (use the in-app full-backup export to a .hutaobackup file).
What happens if I forget my HuTaoCrypt master password?
There is no recovery path — a forgotten master password cannot be reset, and we cannot decrypt your files for you. Keep your password somewhere safe, and use the in-app full-backup export so a lost machine does not mean lost data. The shredder and destructive tools are also irreversible by design.
Does deleting a file in HuTaoCrypt remove every copy of it?
Not necessarily. HuTaoCrypt shreds files inside the vault, but it cannot reach copies made outside its control — cloud/version history, OS backups, Windows Shadow Copies, and SSD wear-leveling may still hold remnants. Treat the vault as the single secure location and avoid letting plaintext versions exist elsewhere.
Which platforms does HuTaoCrypt support?
A Windows build (x64) and Linux builds (Debian and Arch) are available. The Windows version is currently ahead of Linux in version number. The app is self-contained (the required codec and UI libraries are bundled in), so you do not need to install a separate runtime to use it.

Script protectors (LuaVirtualBox · PyConfuser · JS-Reactor)

Which languages and versions do the script protectors support?
LuaVirtualBox: Lua 5.1 and Luau (Roblox). Lua 5.2+ _ENV features are not supported. PyConfuser: Python 3.9, 3.10, 3.11, 3.12, 3.13 and 3.14 (verified in the engine). It needs original .py source — .pyc files are not accepted. JS-Reactor: JavaScript (parsed with SWC).
Is LuaVirtualBox output really Roblox-compatible?
Yes — Roblox/Luau compatibility is a first-class goal, and the presets are built to keep generated code within Lua 5.1/Luau semantics so it runs in Roblox. The obfuscator itself does not run inside Roblox; it runs on a normal host and produces a .lua file you paste into your Roblox script.
My obfuscated output is much larger and slower. Is that normal?
Yes, this is expected and documented. Virtualization and metamorphic transforms trade performance for protection — a small script can grow from a few hundred bytes to tens of kilobytes (lighter presets) or several megabytes (heaviest presets), and runs noticeably slower. If size or speed matters, use a lighter preset/level, and virtualize only the sensitive parts rather than the whole script.
Why was my obfuscated script flagged by antivirus software?
Heuristic engines sometimes flag VM-style transforms and string protection because they resemble packer behavior. This is not antivirus evasion. Submit the sample to the vendor for review, and if a profile is genuinely over-triggering, open a ticket so we can look at adjusting it. Always test protected output in a clean environment before shipping.
Is obfuscation reversible?
No protection is 100% unbreakable, and we do not claim otherwise — the goal is to make reversing and tampering prohibitively expensive. For PyConfuser, the transform is irreversible on the source, so always keep a backup of your original file. Test the protected output in a clean environment before you ship it.
Why is the JS-Reactor web IDE sometimes in maintenance?
The hosted web IDE runs the protection engine server-side. When the underlying binary is being rebuilt for a production target, the editor is briefly taken offline rather than serving a broken tool. The desktop app and CLI still work during these windows; check the Changelog for status updates.

Security & policy

What is the policy on malware and abuse?
Strictly prohibited. The Terms forbid using these tools to protect malware, viruses, trojans, ransomware, spyware, keyloggers, or any code for unauthorized access. Violations lead to immediate termination and may be reported. These are tools for protecting your own legitimate intellectual property and private files.
Is the goal antivirus evasion?
No. The products are code-protection, vault, and analysis tools for defensive software hardening and controlled local workflows. We do not market malware evasion, hidden payload delivery, or bypass claims.
How do I report a security vulnerability responsibly?
Do not post vulnerability details publicly. Send a private message to the team in Discord with a proof of concept and the affected product and version. We acknowledge reports and credit responsible disclosure.
Why can’t I run the WeAreDevs Deobfuscator in the browser?
The hosted web version was intentionally removed — executing reconstructed Lua server-side is an inherent remote-code-execution risk. The tool is distributed as source you run locally (Python 3, with a bundled Lua 5.1) from its public repository, framed as defensive analysis for reconstructing obfuscated Lua you already have.

No matches for that search. Try a different term, or ask on Discord.

Before you reach out

  • Attach the protector_runtime.log from your application directory for runtime issues.
  • Include your Machine ID (HWID) for any licensing or activation question.
  • Note the product, version, and the exact error code you received.
  • Add clear reproduction steps — what you did, what you expected, and what happened instead.