What Obfuscator ? As you can see i am checking my options and i have to make a choice as soon as my application is ready for prime time.
So, i want to protect my IP (Intelectual Property), I spend days thinking of methods that do this and that and there is nothing i can do to hide that IL…
In short, the CLR has to execute this thing, and so can the deassembler and the free reflector decompiler, if not then there is always salamander.
Holy crap, Boomerang was useless when i wrote native, it was an excellent decompiler of X86 code, but X86 was much more complicated than IL (that i can comprehend without even decompiling) !
So, what options do i have ?
First, Revert back to C++ (Yes, this is where i will go as soon as i know i am master of C#) so that i dont feel left behind when they say i tell the GC to do this right after that and then bam, i reallocate the object blah on the microsoft heap…
A childish reason to hold off going back to C++ for some time, but then again, it is not just the bragging, i really want to know what is on the other side, especially with MONO around.
Second, See what automated tools exist for converting IL to C++ (Holy crap, you can do that), up to now i found a single tool that can do that and it is free…. Codeplex CorssNet, So my dreams of a factory precompiler could come true finally (But i have not tested it yet).
Third, Learn as much as possible about this new Phoenix from Micro$oft. it should have some answers !
See what options i have concerning obfuscators and put them here…
First, the free guys.
| Aspose.Obfuscator | Aspose | free with no support, But not clear from website what is free and what you need to pay for, The things you must pay for don’t have a price tag, you need to contact author | |
| Babel | Alberto Ferrazzoli | Based on Microsoft Phoenix framework, will have to look into this a bit more before final remarks | |
| Google Obfuscar | Obfuscar is a basic obfuscator for .NET assemblies. It uses massive overloading to rename metadata in .NET assemblies (including the names of methods, properties, events, fields, types and namespaces) to a minimal set, distinguishable in most cases only by signature.
the truth is, they got it right when they said basic, What they are offering doesn’t protect what i need, Skipping… |
||
| Phoenix Protector | NTCore | Not bad for freeware.. But not the best of the free category, Also based on Phoenix, Skipping | |
| SharpObfuscator | CodePlex | Maybe there CrossNet but not this one | |
| Goliath .NET Obfuscator | Cantelmo Software | ||
| LSW IL-Obfuscator | Lesser-Software | ||
| Eazfuscator.NET | Oleksiy Gapotchenko | Claims to be the best… nice website design, but this is not very high on my chec it out list | |
| Assemblur | Metapropeller | Free, Not maintained since 2008-04-24, the BUY link is there but not active so i wouldn’t know how things work | |
Or maybe i want to use the one that comes with my Visual Studio 2008
| Dotfuscator Community | PreEmptive Solutions |
And taking a look at those non free obfuscators ! that i will resort as i look into them, putting the most note worthy first
| Salamander .NET Protector | Remotesoft | $1,899
1-5 developers |
They claim to generate X86 or platform specific instructions from your IL, Further more, it offers code, string and resource encryption, and therefore, it provides even better protection than native C/C++ code.
Sounds like a plan to me, but i need to investigate further, if they plan to embed native in managed, i want to know if i can expect memory leaks etc… Also, what advantages does it have over CodePlex CrossNet ? that free lovely C++ maker seems to do the same thing as an end result and it is free ! For savings of $1900 i would gladly spend the day fixing the generated C++. |
| ThinApp | vmware | $4,995+ | From VMWARE: ThinApp also protects against hacking and disassembly. Rather than using obfuscation, ThinApp instead encrypts the .NET Program inside of secure loader which prevents disassembly. The resulting EXE no longer appears to be a .NET Program so codedisassemblers are unable to decrypt the program stored inside.
I would say, it is a matter of time till this thing is broken easy, it is based on the limited IL set and therefore, all it takes to have this broken is to get one fancy software that deploys it on the market, and then the reverse engineers have a reason to crack it. no Go for me i would say. |
| Dotfuscator Professional | PreEmptive Solutions | Overload-InductionTM renaming system seems to be identical in concept to what salamender has to offer,
Designed to stop even the best of decompilers from producing useful output (Now that was more of self praise than a fact) String encryption Several predefined renaming schemes including unprintable characters (Is that safe for all platforms) ? Software Wattermarking – Nothing about this other than to hide customer identification or copyright information within software applications, nothing about how it functions Makes application size smaller (How about speed), What’s the catch ? |
|
| Salamander .NET Obfuscator | Remotesoft | $799 | They protect you from themselves that’s for sure, If it is going to crash the ILDASM i wouldn’t take that as a guarentee, getting to the IL is not rocket science without LDASM |
| C# Source Code Obfuscator | Semantic Designs | $200 | |
| AssemblyLockbox | Gibwo | $49.95/month service | |
| CliSecure | SecureTeam | call vendor | |
| CodeArmor .NET | v.i. labs | call vendor | |
| CodeVeil | Xheo | $899 | |
| Decompiler.NET | Jungle Creatures | $550 | |
| DeepSea Obfuscator | TallApplications BV | $299 | |
| Demeanor for .NET | Wise Owl | $799 | |
| Deploy.NET | Jungle Creatures | $750 | |
| DNGuard HVM | ZiYuXuan Studio | $899 | |
| dotNet Protector | pvlog | €300+ | |
| .NET Reactor | Eziriz | $179 | |
| Obfuscator.NET | Macrobject | $199 | |
| PC Guard for .NET | SofPro | €399 | |
| Postbuild .NET Obfuscator | Xenocode | $1599 for 5 | |
| QND-Obfuscator | Desaware | $39.95 | |
| Skater .NET Obfuscator | Rustemsoft | $99+ | |
| smartassembly | Cachupa | $399+ | |
| Spices.Net Obfuscator | 9rays.net | $699 |