Capabilities
This page focuses on the capabilities of Dotfuscator Community. Dotfuscator Professional offers even more features; for details, see Upgrading to Professional.
With Dotfuscator Community, Visual Studio users are able to obfuscate assemblies and inject active defense into their .NET applications - all without Dotfuscator needing to access the original source code. Dotfuscator protects your application in multiple ways, creating a layered protection strategy.
Dotfuscator Community supports a wide range of .NET assembly and application types, including Xamarin.
After installation, you can access Dotfuscator's convenient user interface directly from Visual Studio, allowing you to set up, customize, and apply Dotfuscator's protection on an ad-hoc basis. Registered users can also integrate Dotfuscator into their builds via a flexible command line interface.
Intellectual Property Protection
Your application's design, behavior, and implementation are forms of intellectual property (IP). However, applications created for .NET are essentially open books; it's easy to reverse engineer .NET assemblies, as they contain high-level metadata and intermediate code.
Dotfuscator Community includes basic .NET obfuscation in the form of renaming. Obfuscating your code with Dotfuscator reduces the risk of unauthorized access to your app's code through reverse engineering, as important naming information will no longer be public. Obfuscation also shows effort on your part to protect your code from examination - a valuable step in establishing that your IP is legally protected as trade secret.
Many of the application integrity protection features of Dotfuscator further hinder reverse engineering. For instance, a bad actor may attempt to attach a debugger to a running instance of your application in order to understand the program logic. Dotfuscator can inject anti-debug behavior into your application to obstruct this.
Application Integrity Protection
In addition to protecting your app from reverse engineering, it's also important to ensure your application is used as designed. Attackers can attempt to hijack your application in order to circumvent licensing policies (that is, software piracy), to steal or manipulate sensitive data handled by the application, or to change the behavior of the application.
Dotfuscator can inject application validation code into your assemblies, including anti-tamper, anti-debug, and anti-rooted device measures. When an invalid application state is detected, the validation code can call upon application code to address to the situation in an appropriate way. Or, if you prefer not to write code to handle invalid uses of the application, Dotfuscator can also inject response behaviors, without requiring any modification to your source code.
Many of these same methods may also be used to enforce end-of-life deadlines for evaluation or trial software.