.NET Obfuscators

I’ve spent the last 2 days looking and testing few .NET obfuscator tools.

I can tell this is not as easy as it sounds!

There are a lot of tools available on the market from the free-community editions to the professional-enterprise editions.

The main features offered by such tools are:

  • Renaming: which renames private member, method and class names with inexpressive characters.
  • String Encryption: which encrypts any string in your code.
  • Control Flow: which transforms your code flow and scrambles it, so that it becomes more difficult to read.
  • Code Protection: which replaces the original code by stub methods so that they can’t be decompiled.

I have tried the following tools:

Dotfuscator (community edition): which is included in Visual Studio and free. Only includes the Renaming feature, and provides a fairly good result. However in my very quick test, I couldn’t run my app once obfuscated!

Eazfuscator: free as well. Includes Renaming, String Encryption and Control Flow. I was quite impressed by this tool which is very easy to use (one drag and drop, it’s done!) – straight to the point!

Babel.NET: paid version 150-200 euros. Includes Renaming, String Encryption and Control Flow. The tool does a decent job as well for those who like command line tools.

http://www.babelfor.net/Default.aspx

Skater.NET: used to be free tool – now from $100 to $370. Includes Renaming, String Encryption and Control Flow. Again, the tool does a decent job, but the Control Flow is a bit weak… It added a set of while(true/false) statements to every new method and anonymous method.

http://www.rustemsoft.com/obfuscator.asp

CliSecure: $795. This is the only tool that provides Code Protection which totally hides your code when you try and access it through reflector. It’s also doing a very good job with Renaming and Control Flow.

Another big addition is that it actually deals with mixed .NET DLLs written in C++/CLI.

This is actual the tool that we peaked, but we still to tweak our code to make our application with the obfuscation.

http://www.secureteam.net/index.aspx

Dotfuscator (professional edition): I finally got a quote! $1975 per build machine and $500 per user…

At this price, it does a very good job… but it doesn’t provide the Code Protection.

However, it does work with mixed .NET DLLsas well, and the application worked straight away once obfuscated.

http://www.preemptive.com/products/dotfuscator/overview

Few links that helped us find our way:

Advertisements
Categories Code

1 thought on “.NET Obfuscators

  1. I loved your article joh. Its .net obfuscator is really useful Technic in security.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close