.swf

Shockwave Flash

SWF (Small Web Format) is the discontinued Adobe Flash binary format for vector animations, interactive games, and web applications. Flash reached end-of-life in December 2020. Open legacy SWF files using the Ruffle emulator or Flashpoint archive.

Learn more ↓

File structure

Header schema

Records structured data

Adobe / MacromediaDiscontinuedActionScriptTag-based binary1996

By FileDex

Not convertible

Flash is discontinued. SWF playback requires Flash Player runtime not available in modern browsers.

Common questions

How can I open and inspect an SWF file today?

Use Ruffle (ruffle.rs) as a standalone desktop player or browser extension. For inspecting internal structure, use JPEXS Free Flash Decompiler to view ActionScript code, shapes, and embedded assets. swftools provides CLI inspection via swfdump.

Why was Flash discontinued?

Adobe ended Flash due to security vulnerabilities (CVEs were frequent), mobile incompatibility (iOS never supported it), performance concerns, and the maturity of open standards like HTML5, CSS3, and WebGL that replaced Flash's functionality without requiring a browser plugin.

Can I convert an interactive SWF game to a modern format?

Partial conversion is possible. Simple animations can be rendered to MP4 or GIF. For interactive content, Ruffle can emulate many SWF files directly in a browser via WebAssembly. Full conversion of complex ActionScript 3 games to HTML5 requires manual porting.

Are SWF files dangerous to open?

SWF files can contain ActionScript code that historically exploited Flash Player vulnerabilities for malware delivery, drive-by downloads, and sandbox escapes. Never open SWF files in Adobe Flash Player. Use Ruffle, which re-implements the Flash VM in a memory-safe language (Rust) without the original security flaws.

What makes .SWF special

What is an SWF file?

SWF (Small Web Format, originally Shockwave Flash) was the standard file format for Adobe Flash multimedia content. SWF files contained vector graphics, animations, interactive content, games, and video. Flash was discontinued by Adobe on December 31, 2020, and modern browsers no longer support SWF playback.

Continue reading — full technical deep dive

How to open SWF files

Ruffle (Web, Desktop) — Open-source Flash emulator
Flashpoint (Windows) — Flash game preservation project
Newgrounds Player (Windows) — Flash game player
Adobe Animate (Windows, macOS) — Legacy Flash authoring

Technical specifications

Property	Value
Format	Binary (tag-based)
Graphics	Vector and bitmap
Scripting	ActionScript 1/2/3
Video	FLV embedded, H.264
Status	Discontinued (December 2020)

Common use cases

Legacy games: Playing archived Flash games via Ruffle/Flashpoint.
Animation archives: Preserved Flash animations.
Educational content: Legacy e-learning modules.
Web history: Archiving early interactive web content.

.SWF compared to alternatives

.SWF compared to alternative formats
Formats	Criteria	Winner
.SWF vs .HTML5 CANVAS	Modern browser support HTML5 Canvas runs natively in all modern browsers without plugins. SWF requires Flash Player, which was removed from all browsers in January 2021. HTML5 Canvas replicates most SWF animation and interactivity capabilities.	HTML5 CANVAS wins
.SWF vs .LOTTIE (JSON)	Animation distribution Lottie files are lightweight JSON animations that render natively on web, iOS, and Android. SWF animations are locked in a discontinued plugin ecosystem. Many SWF animations have been converted to Lottie for modern use.	LOTTIE wins

Technical reference

Specs CLI Conversions Security Ecosystem

MIME Type: application/x-shockwave-flash
Magic Bytes: 46 57 53 FWS (uncompressed) or CWS (zlib) or ZWS (LZMA) signature.
Developer: Adobe Systems (originally Macromedia)
Year Introduced: 1996
Open Standard: No

00000000465753 FWS

FWS (uncompressed) or CWS (zlib) or ZWS (LZMA) signature.

Binary Structure

SWF files begin with a 3-byte signature indicating compression: 46 57 53 (ASCII 'FWS') for uncompressed, 43 57 53 ('CWS') for zlib-compressed (SWF 6+), or 5A 57 53 ('ZWS') for LZMA-compressed (SWF 13+). Byte 3 is the SWF version number (1-44). Bytes 4-7 are a 32-bit little-endian file length (uncompressed size). For CWS/ZWS files, all data after byte 7 is compressed; decompression is required before parsing the tag stream. After decompression, the header continues with a RECT structure (variable-length bit-packed) defining the stage dimensions in twips (1/20th of a pixel), followed by a 16-bit fixed-point frame rate (8.8 format) and a 16-bit frame count. The remainder of the file is a linear sequence of tags. Each tag starts with a 16-bit tag code-and-length field: the upper 10 bits are the tag type, and the lower 6 bits are the length. If the length field is 0x3F (63), a 32-bit extended length follows. Tag types include DefineShape (2), DefineSprite (39), DoAction (12, ActionScript 1/2 bytecode), DoABC (82, ActionScript 3 AVM2 bytecode), DefineBitsJPEG (6/21/35), DefineBitsLossless (20/36 for PNG-like data), DefineFont (10/48/75), PlaceObject (4/26/70), ShowFrame (1), and End (0). The ActionScript Virtual Machine (AVM1 for AS1/AS2, AVM2 for AS3) executes bytecode embedded in DoAction and DoABC tags. The End tag (type 0, length 0) terminates the file.

Offset	Length	Field	Example	Description
`0x00`	`3 bytes`	Signature	`46 57 53`	Compression indicator: FWS=uncompressed, CWS=zlib (v6+), ZWS=LZMA (v13+).
`0x03`	`1 byte`	Version	`2A`	SWF format version (1-44). Determines which tags and features are available.
`0x04`	`4 bytes`	File length	`A0 3E 01 00`	Total uncompressed file size in bytes (little-endian). For CWS/ZWS, this is the size after decompression.
`0x08`	`variable`	RECT (stage size)	`bit-packed`	Bit-packed rectangle: 5-bit Nbits field, then Nbits each for Xmin, Xmax, Ymin, Ymax in twips.
`after RECT`	`2 bytes`	Frame rate	`00 18`	Fixed-point 8.8 format. 0x0018 = 24.0 fps. Stored little-endian (fractional byte first).
`after frame rate`	`2 bytes`	Frame count	`E8 03`	Total number of frames in the main timeline. 0x03E8 = 1000 frames.

1996Macromedia releases FutureSplash Animator, later renamed Flash, introducing the SWF format2000Flash 5 adds ActionScript 1.0, making SWF files programmable interactive applications2005Adobe acquires Macromedia. Flash Player reaches 98% desktop browser penetration2006SWF 9 introduces ActionScript 3.0 with the AVM2 virtual machine for compiled bytecode2010Steve Jobs publishes 'Thoughts on Flash,' Apple bans Flash from iOS, catalyzing HTML5 adoption2017Adobe announces Flash end-of-life for December 2020, giving developers three years to migrate2020Adobe ends Flash support on December 31. Browsers remove Flash Player entirely in January 2021

Extract SWF frame images with swftools other

swfrender input.swf --output frame%04d.png

Renders each SWF frame to a PNG sequence using swftools. The output can be combined into MP4 or GIF with ffmpeg. Requires swftools installed (swfrender binary).

Play SWF file with Ruffle standalone other

ruffle input.swf

Ruffle is an open-source Flash emulator written in Rust. The standalone desktop player opens SWF files directly without a browser or Adobe Flash Player.

Dump SWF tag structure with swfdump other

swfdump -t input.swf

Lists all tags in the SWF file with their types, sizes, and frame positions. Useful for inspecting ActionScript presence, embedded assets, and file structure.

SWF → MP4 render lossy MP4 is universally playable and preserves the visual output of SWF animations. Rendering captures each frame as the Flash VM would display it, producing a standard video file. Interactivity is lost but visual content is preserved.

SWF → GIF render lossy GIF preserves short Flash animations in a format supported everywhere including email clients and messaging apps. Frame-by-frame rendering captures the visual output without requiring Flash Player.

CRITICAL

Attack Vectors

ActionScript execution — SWF files run code in the Flash VM, historically exploited for drive-by malware downloads, keyloggers, and crypto miners
Flash Player plugin vulnerabilities — hundreds of CVEs (CVE-2015-0311, CVE-2015-5119, CVE-2018-4878) enabled remote code execution via crafted SWF files
Sandbox escape — Flash Player's security sandbox was repeatedly bypassed, allowing SWF files to access the local filesystem and execute system commands
Cross-site scripting — SWF files embedded in web pages could exfiltrate cookies and session tokens via ActionScript network APIs
Social engineering — SWF files disguised as games or animations were a primary malware distribution vector throughout the 2000s and 2010s

Mitigation: FileDex does not open, execute, or parse SWF files. Reference page only.

Ruffle tool

Open-source Flash emulator in Rust. Runs SWF files in browsers and desktop without Flash Player.

Flashpoint tool

Flash game preservation project with 100,000+ archived SWF games and animations

swftools tool

CLI utilities for SWF manipulation: swfdump, swfrender, swfextract, swfcombine

JPEXS Free Flash Decompiler tool

Open-source SWF decompiler and editor for ActionScript, shapes, and embedded assets