Change Log - Version 4.25.0 - Release Date September 29, 2016


  • Added a new Debugging Check feature. Dotfuscator can inject code into an application to detect and react to the presence of a managed debugger, at runtime. This feature can be configured by adding the DebuggingCheckAttribute on the Instrumentation screen or via in-code attributes. Telemetry can be enabled via the "Send Debug Check Messages" global option.
  • Added a new `Action` property to `DebuggingCheckAttribute` and `InsertTamperCheckAttribute` to control how an instrumented application will react to a detected Debugging Check or Tamper Check. There are four options:
    • The default `None` action does nothing.
    • The `Exit` action causes the instrumented application to immediately exit.
    • The `Exception` action causes the instrumented application to throw an exception.
    • The `Hang` action causes the instrumented application to hang the current thread indefinitely.
  • Added a new `ActionProbability` property to `DebuggingCheckAttribute` and `InsertTamperCheckAttribute` which determines how likely the specified `Action` is to occur at runtime. Setting this to a value other than the default `1.00` will cause the instrumented application to behave less predictably, confusing attackers.
  • A warning is displayed in the Build Output if an `InsertTamperCheckAttribute` (or `DebuggingCheckAttribute`) is configured to do nothing.
  • A warning is displayed in the Build Output if Dotfuscator will inject code into a constructor, which may cause runtime errors in certain scenarios.
  • Tamper (and Debugging Check) will now send telemetry even if Setup has not yet been called.
    • Shelf Life Check telemetry will still only send telemetry if Setup has already been called.
  • Increased the level of obfuscation applied to the code Dotfuscator injects into assemblies.

Functional Changes

  • The `DefaultAction` value for the `ApplicationNotificationSinkElement` property on an `InsertTamperCheckAttribute` is now deprecated. In order to retain the same behavior, please instead set the `ApplicationNotificationSinkElement` to `None` and set the new `Action` property to `Exit`.
  • Running `dotfuscator.exe` with no arguments will now display usage information to the command line, instead of opening the Dotfuscator stand-alone UI. If you want to run the Dotfuscator stand-alone UI, run `dotfuscatorUI.exe`.
  • The `/g` option is no longer available on `dotfuscator.exe`. If you want to run the Dotfuscator stand-alone UI, run `dotfuscatorUI.exe`.
  • Artifacts within a package now display in italics and gray text, consistent with Community Edition's UI.
  • Assemblies within a package that were previously configured but are now missing from the package now appear in the Input GUI with a red exclamation point icon.


  • Artifacts within a package display their names, instead of their paths within the package (which is redundant with the tree structure they're placed in).
  • Fixed an issue where adding `ExceptionTrackAttribute` to an assembly which references WinForms, but not `System.dll`, sometimes resulted in an incorrect `System` assembly reference.
  • Fixed an issue where having Control Flow enabled in the Visual Studio Integration UI could cause a `DuplicateKeyException`.
  • Added better handling for quoted PublicKey(s) and PublicKeyToken(s) in assemblies.
  • Fixed some Xamarin-related issues by adding support for XAML 2009.
  • Prevented the commandline version of Dotfuscator (`dotfuscator.exe`) from displaying GUI dialogs.
  • Fixed various other minor bugs.