Lists of .NET Obfuscator
| Name/Website | Free? | Protect strings | Protect code flow | Protect calls | Protect resources | Protect names | Anti tampering | Anti debugger | Virtualization protection | Packer/Compressor |
|---|---|---|---|---|---|---|---|---|---|---|
| Agile.NET | Premium ($795) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No |
| Appfuscator | Freemium ($18/day) | Yes | Yes | Yes | No | Yes | No | No | No | No |
| ArmDOT | Freemium ($299) | Yes | Yes | No | Yes | Yes | No | No | Yes | No |
| AsStrongAsFuck | Yes | Yes | Yes | Yes | No | Yes | No | No | No | Yes |
| Babel | Premium (245€) | Yes | Yes | Yes | No | Yes | No | Yes | Yes | No |
| Beds Protector | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | Yes |
| BitHelmet | Yes | No | Yes | No | No | Yes | No | No | No | No |
| ConfuserEx | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes with KoiVM (free) | Yes |
| Crypto Obfuscator | Freemium ($299) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Cyphor | Premium ($499 for full) | Yes | Yes | Yes | No | Yes | No | No | Yes | No |
| DarksProtector | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| DeepSea | Yes | Yes | Yes | No | No | Yes | No | No | No | No |
| Demeanor | Premium ($800) | Yes | Yes | No | No | No | No | Yes | No | No |
| Deploylx | Premium ($299) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No |
| DNG HVM | Premium ($1299) | Yes | No | No | Yes | Yes | Yes | Yes | Yes | No |
| DotNetGuard | Yes | Yes | Yes | No | No | Yes | No | Yes | Yes | No |
| DotNetPatcher | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | No | No |
| Dotfuscator | Premium ($1495) | Yes | Yes | No | No | Yes | Yes | Yes | No | No |
| Enigmaprotector | Premium ($199) | No | No | No | No | No | No | Yes | No | Yes |
| Eazfuscator | Freemium ($399) | Yes | Yes | No | Yes | Yes | No | Yes | Yes | Yes |
| Guardship | Freemium ($199) | No | No | No | No | No | No | Yes | Yes | No |
| HabibProtector | mremiuù ($299) | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | No |
| ILProtector | Freemium ($149) | Yes | No | No | No | No | Yes | Yes | No | Yes |
| Isolated | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | No | No |
| KrawkProtector | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | No | No |
| Logic.NET | Yes | Yes | No | Yes | No | Yes | Yes | No | No | No |
| MemeVM | Yes | No | No | No | No | No | No | No | Yes | No |
| ModPhuserEx | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No |
| NETReactor | Premium ($179) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No |
| NeoConfuserEx | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes with KoiVM (free) | Yes |
| NETGuard | Freemium ($5 for 2 obfuscations) | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | No |
| NetShieldObfuscator | Premium (10€ for 4 obfuscations) | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | No |
| Noisette | Yes | Yes | Yes | Yes | No | Yes | No | No | No | No |
| Obfuscar | Yes | Yes | No | No | No | Yes | No | No | No | No |
| PhoenixProtector | Yes | Yes | Yes | No | No | Yes | No | No | No | No |
| PandaObfuscator | Yes | Yes | Yes | Yes | No | No | No | No | No | No |
| RzyProtector | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No |
| SkiDzEx | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No |
| SmartAssembly | No Freemium (945€) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No |
| StrongVM | Freemium ($99) | Yes | No | No | Yes | No | Yes | Yes | Yes | No |
| Skater Obfuscator | Premium ($79) | Yes | Yes | No | No | Yes | Yes | Yes | No | No |
| Spices | Premium ($340) | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No |
| Themida | PRemium ($199) | No | No | No | Yes | No | Yes | Yes | No | Yes |
| Trinity Obfuscator | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | No | No |
| VMProtect | PRemium ($149) | No | Yes | Yes | No | No | Yes | Yes | Yes | No |
| Vot4CS | Yes | No | No | No | No | No | No | No | Yes | No |
| YanoObfuscator | Yes | Yes | No | No | No | Yes | No | No | No | No |
| Z00bfuscator | Yes | No | No | No | No | Yes | No | No | No | No |
In a managed assembly all strings are clearly identifiable and readable. Even when methods are renamed, strings used in a method may give clues about the purpose of the method. This includes messages (especially error messages) that are displayed to the user. Those strings can be tracked down to the code that uses them. String encryption works by modifying all strings in the assembly and restore their original value at runtime. Since the string data must be restored automatically at runtime, usually without the user providing a decryption key, the data cannot actually be encrypted but only encoded. The algorithm that decodes the data is always included in the obfuscated assembly. This process may affect the runtime performance of the program, either once at startup or for every string usage.
Control flow obfuscation is about modifying the program so that it yields the same result when run, but is impossible to decompile into a well-structured source code and is more difficult to understand. Most code obfuscators would replace CIL instructions produced by a.NET compiler with goto s and other instructions that may not be decompiled into a valid source code. This process may affect the runtime performance of a method.
The way CIL instructions work references to external types and methods are clearly visible and will be unaffected by name obfuscation and control flow obfuscation. Even without reasonable names, the fact that a method makes use of certain framework classes like I/O, networking or cryptography can draw attention to it. Calls to suspicious methods can be redirected through a generated method that only wraps the original call. This wrapper method can be renamed and the called method's name will no longer appear in the obfuscated method body. The Just-In-Time compiler (JIT) will normally inline such short wrapper methods so that it does not affect runtime performance.
Sometimes resources contains sensitive informations, such as credentials or local databases. This protection plays with how resources are handled at runtime within your application. The resources byte[] will be encoded, and then at runtime it will be decoded.
Name obfuscation changes the name of types and members. Name obfuscation makes the decompiled source harder to understand but the overall flow of the code is not obscured. The new names can follow different schemes like "a", "b", "c", or numbers, characters from Non-Latin scripts, unprintable characters or invisible characters. Names may be used multiple times in a scope by using overloading. While proper names are technically Not required to execute the assembly, the resulting assembly would be unverifiable. Name obfuscation is the most basic technique that is used by every.NET obfuscator solution.
Anti tampering protection protects the CIL instructions by encrypting them and stripping the original instructions from the assembly. The encrypted instructions are kept in a separate storage. When the assembly is loaded a native runtime executive assumes control of portions of the.NET runtime and manages decrypting the CIL as needed. If the native code is involved, the application may Not run on different platforms anymore.
Anti debugger protection prevents the use of debugging tools to step-by-step debug the protected file. It can detect memory-based patern and also check for the disk content for blacklisted entities.
Code virtualization converts the CIL code into virtual opcodes that will only be understood by a secure virtual machine. As opposed to protecting CIL code through encryption where the encrypted code must be decrypted back into CIL before it can be executed by the CLR, code virtualization uses a virtual machine which directly processes the protected code in the form of a virtual machine language. Code virtualization feature is by far the strongest protection method available in code protection arena today as it implements a one-way code transformation. The code is never translated back to its original form, instead, the virtual machine emulates the original code behavior. Code virtualization can significantly degrade performance and make debugging very difficult.
This feature allow you to merge all dependencies of your file into a one-file only stub. Usually it can be managed, but there exists solutions to inject your managed files and dependencies into a native stub too.