Dotfuscator Quick Start Guide

Visual Studio Integrated UI Walkthrough

This section shows you how quick and easy it is to obfuscate your first assembly using Dotfuscator from within Visual Studio.

You will be shown how to include obfuscation as part of a Visual Studio solution build. A Dotfuscator project can accept input files from one or more other Visual Studio Projects (such as C# or VB.NET projects), or you can specify assemblies directly from the filesystem.

You will learn how to configure a project that uses basic, yet powerful, features including Renaming, Control Flow, Removal, and String Encryption to obfuscate and protect your application. The settings you use here will be suitable for providing protection in most use cases.

For a complete guide to Dotfuscator's Visual Studio integration, see Using the Visual Studio Integrated User Interface in the Dotfuscator User Guide.

Note: This page will describe obfuscating the GettingStarted.exe sample assembly that ships with Dotfuscator. You can, of course, follow the same instructions with your own assembly.

Step 1 – Open the GettingStarted Solution

  • Within Visual Studio, choose File | Open | Project/Solution... and browse to:
    C:\Program Files (x86)\PreEmptive Solutions\Dotfuscator Professional Edition 4.x\samples\cs\GettingStarted\GettingStarted.sln
  • The solution and project files are in Visual Studio 7.0 format. If you are using a later version of Visual Studio, you will be asked if it is OK for Visual Studio to upgrade the files. You should agree to the upgrade before continuing.

The GettingStarted project displays in Solution Explorer. This is a C# project that you can use to build the GettingStarted executable.

Step 2 – Create a Dotfuscator Project for Your Assembly

Add the Dotfuscator project to the solution

  • Choose File | Add | New Project...
  • In the left panel of the Add New Project Dialog, choose Installed | Dotfuscator Projects.
  • Click on the Dotfuscator Project icon.
  • Name the project GetObfuscated and click OK.

A new Dotfuscator project called GetObfuscated displays in the Solution Explorer. Use the Solution Explorer as the starting point for configuring Dotfuscator projects.

Select the assembly to obfuscate

To specify the input file, tell Dotfuscator to use the output from the GettingStarted project.

  • Right-click on the top-level GetObfuscated node, and select Add Project Output... from the context menu.
  • On the Add Project Output dialog, select the GettingStarted project from the project drop down.
  • Select Primary Output from the output groups list. Click OK.

Under the Dotfuscator project's Inputs node within Solution Explorer, you should now see GettingStarted.exe from GettingStarted (Active):

Step 3 – Configure the Project

You could build the project now, and you would already get a certain amount of protection by default:

  1. Renaming (in Library Mode)
  2. Control Flow

The instructions in this section will add additional layers of protection:

  1. String Encryption
  2. Removal/Pruning

...and will improve the strength of Renaming:

  1. Enable Enhanced Overload Induction
  2. Disable Library Mode

Turn On High-level Features

  • Right-click on the GetObfuscated project node in Solution Explorer, and select Properties from the context menu.
  • Select Configuration Properties | Global Options from the left navigation tree.
  • In the Feature section, set the following values to "No"
    • Disable String Encryption
    • Disable Removal

Note: Setting these "Disable [Feature]" values to "No" will actually turn the features on!

Examine Configuration Options

  • Under the GetObfuscated node in Solution Explorer, expand the Configuration Options folder.

Here you will see a node for each configurable obfuscation setting. A node is grayed out if the feature is disabled. To enable or disable a feature, you can either right-click on its node and check or uncheck the disabled menu item, or you can set it using the Global Properties Page as described above.

Configure Renaming

  • Double-click the Configuration Options | Renaming node in Solution Explorer.
  • Click on the Options sub-tab.
  • Check Use Enhanced Overload Induction. With this feature enabled, Dotfuscator extends Overload-Induction™ by allowing a method’s return type or a field's type to be used as a criterion in determining method or field uniqueness.

Configure String Encryption

  • Double-click the Configuration Options | String Encryption node in Solution Explorer.
  • String encryption is inclusion-based; therefore, you must mark the assembly's checkbox at the root of the tree shown in the left pane to include all methods in the input assembly.

Turn Off Library Mode

By default, Dotfuscator not rename or remove anything that could be accessed from outside that assembly. If, however, you don't need other assemblies to access your assembly, or if you are assembling both the library and consumers of the library together in the same Dotfuscator project, you will likely want to turn off Library Mode to get more powerful protection (especially more extensive renaming).

  • Click on Inputs | GettingStarted.exe from GettingStarted (Active) in Solution Explorer.
  • In Input Properties, change Library Mode to "False".

Step 4 – Build the Solution

  • Right-click on the GetObfuscated node in Solution Explorer, and select Properties from the context menu.
  • Select Configuration Properties | Build Settings properties from the left navigation tree.
  • The Output Directory is populated by default as: ${configdir}\Dotfuscated. You may edit this location if you wish. Click OK.

Note: ${configdir} is a variable that holds the path to your Dotfuscator configuration file. If you have installed the samples to the default location, this path is

C:\Program Files (x86)\PreEmptive Solutions\Dotfuscator Professional Edition 4.x\samples\cs\GetObfuscated\Debug

  • Select Build Solution from the Build menu.

The C# project builds first, followed by the Dotfuscator project. Dotfuscator's output displays in Visual Studio's output window.

Once the build completes, your obfuscated assembly is ready to be tested and used!

Optional: Browse the Output

  • Within Solution Explorer, you can bring up Dotfuscator's Output Browser by double-clicking the Output node in the GetObfuscated project. You can now navigate a tree that shows how Dotfuscator obfuscated your code.
  • Expand the root tree and all sub-trees.

  • Notice the blue diamond shaped icons. These are the renamed methods and fields. The parents of each of these icons display their original names. Dotfuscator renamed each method and field to make it almost impossible to decipher the purpose of each method. This severely impacts the process of reverse engineering the code.

  • Notice the currently highlighted SaySomething and set_Name methods, as well as the Name property. Dotfuscator determined these items are not used in this application. Dotfuscator's Pruning feature removes them, resulting in a more compact application.

Optional: Commonly-used Convenience Features

Open the Property Pages by right-clicking on GetObfuscated in Solution Explorer and choosing Properties.

  • Select Configuration Properties | Global Options in the left navigation tree.
    • In the General section, set the Build Progress property to Verbose. This causes Dotfuscator to provide additional information in the Visual Studio output window during builds.
    • In the Advanced section, set the Emit Debug Symbols property to JIT Optimization; Sequence Points from PDB (this is the default for Debug project configurations). Setting this option tells Dotfuscator to create a symbol file in PDB format for each output assembly. Debuggers use these files to provide useful information in a debugging session. Typically, they contain information such as line numbers, source file names, and local variable names. The PDB files are placed in the output directory with the output assemblies.
  • Select Configuration Properties | Reports | Renaming in the left navigation tree.
    • Check the Output as HTML checkbox to get a useful report containing renaming information and statistics on your application. This report will output into the same directory as the Map File. The default location is ${configdir}\Dotfuscated\Map.html.
  • Select Configuration Properties | Reports | Removal in the left navigation tree.
    • In the Removal Report File editor, specify ${configdir}\Dotfuscated\removal.xml for the Removal Report File.
    • Check Output as HTML to get a formatted report containing the removal information and statistics on your applications. This report outputs into the same directory as the removal.xml file.

Browse the Renaming and Removal Reports

  • Select the GetObfuscated node in Solution Explorer.
  • Choose View | Dotfuscator in the menu bar.

There are two menu items here that are enabled whenever there are HTML versions of the renaming and removal reports available for viewing. Clicking on them displays the reports in your default browser.

Learn More

Now that you have successfully obfuscated using Dotfuscator's integration with Visual Studio, you can see how to use the command line interface to do the same things. Or, you can examine the obfuscated output assembly in detail and see how effective the obfuscation was.

In the Dotfuscator User Guide:

Dotfuscator Version Copyright © 2017 PreEmptive Solutions, LLC