F.A.Q - PowerShell Script Obfuscation (Obfuscate, Protect PowerShell Script Source Code)

All atshai.com protected scripts are designed to send out notifications by default in the event of a hack attempt. Notifications will NOT be sent out IF the user runs the obfuscated powershell script as "expected" and "does not" try to figure out how it works!

Why are notifications sent out to begin with?

Think of it as an alarm system. The reason you're on this particular website is because you want to keep your source code hidden and secure.

In some cases, you may wish to know precisely where your powershell code is and how it is being used. For such scenarios, the automatic notifications are very useful. But don't worry. This is a configurable option. You can enable/disable auto-notify during obfuscation of each script/project.

To obfuscate powershell scripts, you have two options.

  1. Online Submissions
    • This is an ideal option if you wish to simply upload your powershell scripts to the enscrypt.io web interface. With this option, you can submit up to the number of unique scripts allowed under the plan you purchased.
  2. OnPrem Licenses
    • This option allows for the usage of the powershell script Obfuscator on your own private hosts. No need to upload any script to our web portal.
      • This is a great option for users who do NOT wish to externally upload scripts they believe to be extremely sensitive. It is also the ideal choice for businesses with a large, increasing number of powershell scripts to obfuscate.
        • You will be permitted to use the AtShai PowerShell Obfuscator for as long as the license period is valid. And yes, there is currently NO limit to the number of scripts you can obfuscate using the OnPrem license.
For licenses, upon payment verification, the latest version of the powershell obfuscator will be generated and the download link for it will be sent to the email associated with the payment method. Note, unless requested otherwise, the download link will always be sent to the email address of the account through which payment was made.

For online submission accesses, after payment is confirmed, an email will be sent to you with the login details needed to access the web interface for uploading scripts.
It is generally believed that 'obfuscation' is not possible. And there are myriad of reasons for why those who believe this, think this way. One of such reasons is that, they (the naysayers) believe no matter how heavily obfuscated a code is, someone smart enough or someone with enough time on their hands can always crack the obfuscation.

While this has a modicum of truth to it, the reality is, no matter how smart the "hacker" is, no matter how much time they have on their hands, there is only a finite number of tactics they can employ to try to hack an obfuscated script, especially one equipped with dynamic intelligence.

So long as it remains true that there is only a limited number of ways to hack a script, our obfuscation will always prevail. We can always develop counter measures to counteract whatever loopholes a persistent hacker is able to discover. That is what we do. That is precisely what we specialize in and we have spent years perfecting the many different methodologies used in our obfuscation process.

Experience has taught us that source code security is an absolute must. It is important you, as a company or developer remain informed on where your code is being used and how it is being used. Not only will this provide you with insights on how to make your software more useful to your users, it'll also reveal the identity of any nefarious entity seeking to gain unauthorized access to your intellectual property and the frequency of such misbehaviors.

As of November 2021, when you search for the term 'powershell obfuscator', most of the results you'll be confronted with are very misleading. Thus, its important we clarify precisely what powershell obfuscation means.

In the context of protecting source code, powershell obfuscation is the process by which any plain text (.ps1) powershell script is converted into an illegible, unreadable but executable form, which still qualifies as an actual powershell script.

In other words, powershell code obfuscation is generally done for the purpose of accomplishing one or more of the following goals:

  • Prevent modifications to commercial powershell scripts
  • Permanently retain the ability to sell or share powershell code, without having to worry about theft of intellectual property
  • Gathering usage metrics on protected powershell code, once it is shared with the external/outside world
  • Regulate how long the commercial powershell scripts can be used
  • Regulate the list of users who are authorized to run/execute the protected powershell scripts
  • Regulate where (on which hosts) the obfuscated powershell scripts can be used
There are two main reasons an obfuscated powershell script would fail to work:

  1. It has either expired or had its name changed to a name different from the name given to it during obfuscation.
    • Once a script is obfuscated, you cannot rename the obfuscated script. If you do, it will not function.
    • Once a script expires, to regain the functionaility it provides, you must re-obfuscate it and be mindful of the expiration date.

  2. An attempt was made to tamper with it in order to figure out how it works.
    • We are quite aware that our obfuscation methodology is unique and there is absolutely nothing like it anywhere else on the internet. For this reason, there will be many hackers who will try to break it apart in an effort to replicate it or for some other nefarious reason.
    • To successfully combat this, a series of sensitivity checks are included in all AtShai.com protected scripts. What that means is, whenever our obfuscation mechanism detects that a user is performing hack attacks on an obfuscated script, we will automatically cause the script to self destruct.
    • If your obfuscated script self-destructs, the only way to get it working again is to retrieve it from the zip package it came in.
Contact us at [ Support@EnScryption.com ] if you need additional help. In your email, make sure to provide a copy and paste of all the steps (and their results) that you performed.
There is no "install". Yes, it is safe to use an AtShai.com protected powershell script on your system.

Yes you can. If you're submitting your powershell scripts through the web interface, you'll be allowed to upload as many unique scripts as is allowed under the plan you purchased.

If you're a OnPrem license holder, you can simply point the powershell obfuscator to the directory which contains the powershell scripts you wish to obfuscate and the obfuscator will take over.

Yes. After obfuscation, you can expect your powershell script to behave exactly as it was before it was obfuscated. Only difference will be, after obfuscation, no one will be able to view the actual code.

No. Once obfuscated, it cannot be decrypted. We highly recommend creating backups of your original un-encrypted script.
Currently, our obfuscation algorithm can be used to protect shell, perl, python, ruby, R, javascript, php and powershell scripts. Those were the most commonly requested languages for obfuscation.

If the script you wish to obfuscate is written in a different unlisted language, no worries. Feel free to contact us at [ Support@EnScryption.com ] and provide the following information:

    • The name of the interpreted language your script is written in
    • A sample code written in this interpreted language
    • How you normally go about running the script
    • The OS(es) you intend to run the obfuscated scripts on
  1. Date Management - Assign expiration dates to your .ps1 powershell scripts
  2. License Management - Regulate the redistribution of all scripts
  3. User Management - Restrict usage of your powershell scripts to specific Users
  4. Host Management - Restrict usage of your scripts to specific Hosts and Servers
  5. Duplication Prevention - Prevent multiple copies of your scripts, Safeguard the name given at the time of obfuscation.
  6. Instance Management - Restrict simultaneous or multiple running instances of your scripts
  7. Tamper Resistance - Auto self-destructs whenever a user tries to figure out how it works
    • a) Ensures an obfuscated script does not function if it detects that a necessary tool on the system has been altered
          Some users may build a modified version of a binary and then try to use that version to investigate our obfuscation/obfuscation algorithm.
            - The tamper resistance feature will detect this and will stop the script from working!
      b) Ensures that a protected script never works if the user is doing anything other than running it.
        - There are many interesting ways users can attempt to break a protected script.
        • We monitor for this and we block them at every turn.
      c) Ensures it is impossible for any user to modify a protected script
  8. Access Management - Remotely disable script usage if user is found to be in violation of licensing terms.
    1. Some users have nefarious intentions when they purchase online software. Upon purchasing a software, these users typically request a refund immediately after. And after the refund is given, they continue to use the software.
      • AtShai.com puts an end to this. Our customers have the option to make their script require internet connectivity.
          • If a customer opts to make her script require internet connection, then users of the script will NOT be able to run it if they're not connected to the internet.
              - This provides script owners control of their commercial scripts in case a user misbehaves.
  9. Report Generator - Get a dashboard that details where your script(s) are being used.
    • a). Know when your script is being illegally used
      • If your script(s) were meant to be used at the office in San Francisco but you find out they are now being used in France as well, you might want to know how that happened.

Yes. We offer a 60-Day Money Back Guarantee. Refunds will be granted only under 1 condition:

    • If you are actually able to successfully unlock any of our obfuscated scripts in under 60 days.
      • Under this scenario, to qualify for the refund, we'll need to see proof.
Contact us at [ Support@EnScryption.com ] if you have any questions.
It is highly unlikely for that to happen. One of the many unique attributes which makes our Obfuscation tool secure is the fact that it is strenghtened on a very frequent basis and the frequency with which it is updated is based on several factors, one being the discovery or detection of newly developed hacking techniques.

Since the inception of our website, hackers have attempted to break our obfuscation algorithm. In the very early stages of our tool, some were actually able to crack open a few doors, and once that happened, we detected it and promptly closed the associated loopholes. Given the continous implementations of several countermeasures similar to this, we feel confident that our obfuscation tool as it stands right now and going forward, is strong enough to ensure access to your most sensitive scripts is well guarded!

If you want more assurance that our powershell code obfuscation is as strong as we claim it to be, email us a sample script. We'll obfuscate it for you and provide you with the obfuscated copy. You can then test it out and see if you can crack it. Take your time. Give it to the most experienced hackers you know. Let them take a stab at it. If they can't get to the source code, well, there goes your answer.

Yes, it is very easy to do.

We provide several automation options. Some are built into the obfuscation tool. Others can be custom developed, at no additional cost, for licensed on-prem users.

If you intend to make a purchase, simply shoot us an email with one or two sample scripts. We'll obfuscate them for you with a 24 hour expiration date added to it.

Yes. Along with other security measures, we allow users to specify how long an obfuscated script is to be valid for. After the specified date has elapsed, the obfuscated script will no longer function.

If you do not wish for your obfuscated powershell script to expire, simply specify 7000d for the expiration date (if you're an online customer). 7000d equals approximately 19+ years. For OnPrem users, you can just set the expiration option in the .cfg file to 'Off'.

Expiration dates can vary in configuration. Sometimes, you may wish to disable your script after a specific date. Other times, you may wish to configure your script to only running during a particular time period...i.e. Janyary 15, 2022 (01-15-2022_11:00) to January 17, 2022 (01-17-2022_16:00). This is also known as Date Locking and what that essentially means is locking the operation/execution/usage of your script to a particular time period.
With the OnPrem license, you can obfuscate an unlimited number of powershell scripts. With Online Submissions, you can upload up to the number of scripts specified for your chosen plan.
  1. Protect sensitive information and intellectual property
  2. Eliminate the ability of others to keep tabs on you, if you work in a lab-like environment where everyone has root access
      Our obfuscation tool ensures even those with root privileges cant view your scripts
  3. Hide passwords from public view, make it impossible for anyone to access them
  4. Sell your scripts to a third party without giving away any proprietary information
  5. Get alert notifications - Create records of attempts of intellectual thievery
      Our obfuscation tool ensures even those with root privileges cant view your scripts
      • A script obfuscated by AtShai.com is protected under the expectation it is only to be executed, not inspected. When a user of an obfuscated script tries to break it apart to see how it works, a record of such attempt will be logged.
Yes. We have readymade obfuscators capable of obfuscating not just PowerShell (.ps1) scripts, but also Perl, Ruby, Python, CLI & Web PHP scripts, Shell/Bash scripts, Rcode scripts and JavaScript files.
During submission of your scripts, you may specify how long the obfuscated version should be valid for. Examples: 1d (1day), 2w (2weeks), 4mo(4months), 7000d (for 19+ years).

Note, all scripts submitted using the free service will expire and self-destruct within 24 hours.

Get Online Access to our specialized PowerShell Script Obfuscator.
  • This option will allow you to upload powershell scripts of all types to our web interface for immediate obfuscation

Purchase and download your own personalized (and obfuscated) version of our Obfuscation tool
  • This option will enable you to avoid submitting any extremely sensitive scripts to our website
    • It allows you to obfuscate as many scripts as you need, right from your own private host.

Here are your realistic options:

  1. Rely on permissions/ownership as your only means of protection
  2. Use an open-source obfuscation method - which makes your scripts more likely to be successfully hacked!
Yes. Any obfuscated powershell script produced by us can be expected to work on all Windows operating systems. If you encounter an issue running an obfuscated script ...just shoot us an email.

There are quite a number of different methods a determined hacker can use to attempt to hack a protected script. One of such ways is altering the binary files of the programming language your script is written in.

AtShai.com is aware of these types of tactics and steps have been taken to combat them effectively.

Whenever an AtShai.com protected script is run on a system, it does a variety of checks simultaneously. These checks confirm the validity of the environment in which the obfuscated script is about to be executed. If the our algorithm senses that a component has been tampered with or simply isn't in the expected state it will refuse to run the obfuscated script and will abort immediately.

If you're not trying to hack the script, or figure out how our algorithm works, feel free to shoot us an email. In your email, provide a copy and paste of the exact error messages you encountered and the name of the Operating System your script was run on.