Getting Started
Understanding Protection
Understanding Obfuscation
Understanding Checks
Understanding Instrumentation
Using the GUI
References
Programs written for .NET are easy to reverse engineer. .NET applications compile to a high-level, expressive file syntax called MSIL (Microsoft Intermediate Language) that contains method and variable names and can be easily decompiled back into source form.
Attackers can use freely available decompilers to easily see the source of any .NET application, exposing software licensing code, copy protection mechanisms, and proprietary business logic - whether it's legal or not. Anyone can peruse the details of a software application for security flaws to exploit, unique ideas to steal, features to crack, or worse.
This is not the only option, though. Obfuscation is a technique that provides seamless renaming of symbols in assemblies as well as other tricks to foil decompilers. Properly applied obfuscation increases protection against decompilation by orders of magnitude, while leaving the application intact.
When an obfuscator tool goes to work on readable program instructions, a side effect is the output will confuse a human interpreter and break the decompiler the human interpreter was using. While the executable logic is preserved, the reverse semantics are rendered non-deterministic. As a result, attempts to reverse-engineer the instructions fail because the translation is ambiguous. Deep obfuscation creates a myriad of decompilation possibilities, some of which produce incorrect logic if recompiled. The decompiler, as a computing machine, has no way of knowing which of the possibilities could be recompiled with valid semantics. Humans write and employ decompilers to automate decompilation algorithms that are too challenging for the mind to follow. It is safe to say that any obfuscator that confuses a decompiler poses even more deterrence to a human attempting the same undertaking.
It is important to understand that Dotfuscator is a "post-build" tool - it works by modifying already-compiled application assemblies. The development environment and tools do not change to accommodate obfuscation, and source code is never altered, or even read, in any way. Obfuscated binaries are functionally equivalent to traditional binaries and will execute on the Common Language Runtime (CLR) with identical results. (The reverse, however, is not true. Even if it were possible to decompile strongly obfuscated MSIL, it would have significant semantic disparities when compared to the original source code.)
The following illustration shows the flow of the Dotfuscation process:
That means you follow all your normal processes to develop and build your application, and then once you have compiled binaries you configure Dotfuscator to work with them, and run Dotfuscator's build process against them. Dotfuscator will take the binaries as input, perform the obfuscation per your configuration settings, and generate the same set of binaries as output - but those binaries will be obfuscated.
Most often, the process of developing and obfuscating an application looks like this:
Dotfuscator Version 4.33.0.6680. Copyright © 2017 PreEmptive Solutions, LLC