Guide to obfuscation

Introduction

It is not uncommon to think that, a good obfuscation practice is to use all the available techniques at our hands, however, experience shows that typically this reasoning backfires the software vendor in an unexpected way, but why?

📕 Conceal your reach

The best approach to maximizing obfuscation performance is by asking ourselves the following:

  • What do I exactly want to achieve with obfuscation?

Obfuscation has multiple goals, the expectancies that you have in obfuscation might be completely different than customer A.

The general rule that we all want to achieve is, hiding our code. But, how much do you want to hide it? Most of the time, Body mutations or Control flow are enough to stop somebody from being able to steal our code or even understand it.

Keeping a balance in obfuscation is key 🔑 , by only using those features that you require to keep hackers away you are also guaranteeing yourself that, in the future, if somebody targets your application with more persistence, you can instantly react to their actions without waiting for us to respond.

📚 Use cases

In this section, we will define some general rules that might help you to decide which obfuscation techniques to apply. Be advised that there are exceptions, do not follow these guidelines as dogmas.

Symbol Renaming.

Symbol renaming is a fundamental feature in .NET Obfuscation, we advise using it whenever possible.

Body Mutations.

Use this feature if you want to:

  • Melt any constant values of your application (hiding integer or string values).

  • Make the code of your methods harder to understand.

Control Flow

Use this feature if you want to:

  • Make the code of your methods harder to understand

  • Obscure the flow and logic behind your application.

Control Flow and Body mutations complement each other, using them together will result in a much more efficient way to hiding the flow and values of your application.

Constant Encryption

Use this feature if you want to:

  • Encrypt the constant values of your application in a more resilient way than as previously described in Body Mutations.

Call Hiding

Use this feature if you want to:

  • Hide the usage of certain libraries and dependencies that might expose the way your application functions.

  • Obscure to the maximum the flow and logic of your application.

Debug Protection

Use this feature if you want to:

  • Prevent hackers from understanding the flow and logic of your application via dynamic application analysis.

Self Healing

Use this feature if you want to:

  • Prevent your methods from being modified.

  • Provide an stealthy protection against tampering attacks (modifications made by attackers won't take effect).

Integrity Checks

Use this feature if you want to:

  • Prevent your file from being modified.

Anti Tamper

Use this feature if you want to:

  • Ensure the maximum safety against illegal modifications on your application.

  • Want to hide the code from decompilers.

Last updated