LogoLogo
  • Welcome to Cyphor
  • .NET Code Obfuscation
    • Getting Started
    • How to Obfuscate
    • Basic Code Obfuscation
      • Symbol Renaming
      • Body Mutation
      • Control Flow
      • Constant Encryption
      • Call Hiding
      • Debug Protection
      • Integrity Checks
      • Self Healing
    • Advanced Obfuscation
      • Attribute-Based Obfuscation
      • Guide to obfuscation
      • Code Inlining
      • What is RASP?
      • Protections that protect each other
      • Program not working after obfuscation
      • Keeping performance with obfuscation
      • Virtualization
  • Dashboard
    • Files
    • Billing
      • Pay as you go
      • Examples
    • Projects
      • Code Guard Tasks
      • Permissions
        • Roles
      • Files
      • SAML and SSO
  • Code Guard
    • Introduction
    • Implement with your licensing system
      • Setting up a gateway
      • Setting up the SDK
    • Secured values
      • Dynamic values
      • Code Encryption
        • Page 1
    • Preventing analysis
    • Enhanced visibility
      • Disabling tracing on production
      • Logging external methods
      • Optimizing Memory Usage
    • Edge connectivity
    • Preventing modifications
      • Preventing assembly load
      • Allowing partial tampering
      • Enterprise EDRs and XDRs
      • Dynamic Hook protection
      • Thread hijacking
      • Guard Checksums
      • DLL Injection
      • Handling complex RE attacks
        • Custom payload detection
    • Granular Integrity Checks
    • Virtualized Environments
    • Troubleshooting
    • Threat database
    • Real time alerts
      • Alert Insights
  • CLI Tool
    • Introduction
    • Global options
    • Profiles
    • Projects
    • Obfuscator
      • Obfuscation Schemes
      • Task templates
      • Protecting files
        • Global obfuscation flags
        • Using templates to obfuscate files
        • Quick obfuscation
      • Monitoring obfuscation jobs
    • Securing local storage
Powered by GitBook
On this page
  • Introduction
  • Pros
  • Enabling Code Virtualization
  • The Cost

Was this helpful?

  1. .NET Code Obfuscation
  2. Advanced Obfuscation

Virtualization

PreviousKeeping performance with obfuscationNextFiles

Last updated 3 years ago

Was this helpful?

Introduction

Your code is important, however, there are parts that shine more than others. It might be a license check, an algorithm, or something that differs your product from alternatives in the market. The obfuscation techniques applied in your code, uglify, hide, encrypt and apply many layers of protection on your application. However, these techniques are still part of the .NET picture, we protect your code by obscuring it with further .NET Code.

Virtualization is a major step, we will maintain the obfuscation transformations with a twist. The obfuscated code won't be .NET, instead, it will be transformed into a pseudo-random bytecode that is only understood by our virtual machine.

This ensures that the new code can't be understood by attackers, including tools and humans. Decompilers won't be capable of disassembling the code because the protected code is no longer .NET and thus makes it impossible to be interpreted by them.

Pros

Virtualization is equivalent to an all-in-one feature. It achieves more than just hiding your code.

  • References to methods and other classes are completely invisible.

  • Debugging becomes extremely difficult.

  • Protected data remains encrypted in the disk and memory.

  • Calls to internal and external methods remain invisible to external observers.

  • Tampering safety is ensured as the bytecode is safely encrypted and only understood by our virtual machine.

Enabling Code Virtualization

To enable Code Virtualization you should use it directly from our online panel (highly unadvised unless you are aware of the drawbacks this might carry), or through .

The Cost

Due to the nature of this protection, there are worthy costs that need to be taken into account while applying it.

The first drawback is performance, by removing all traces of .NET Code, the protected region can't be optimized nor compiled into ASM. Instead, our interpreter will execute iteratively your code each time, leading to a noticeable performance hit.

Simultaneously, debugging becomes meaningless, you might attach a debugger to the program, however, the displayed code won't make any sense as it will represent our virtual machine interpreting your code and not your actual code.

Attribute-based obfuscation