Best and worst obfuscators of 2011
Posted 30 December 2011 - 09:07 AM
There's maybe 20+ .NET obfuscators that are still developed and only a few of those are used by anyone other than the creator of that obfuscator.
I'll only list the ones I know enough about. There are others I haven't tried that may or may not be better than the ones listed below.
The top 10 list of the best .NET obfuscators of 2011, according to me:
1. .NET Reactor 4.4
It has decent protection against unpacking and source code stealing. I'll give it 3/10 points.
2. SmartAssembly 6.5
I think this one is the most popular .NET obfuscator. It's easy to use and comes with the absolute minimum standard obfuscation features. I'll give it 2/10 points.
I'll stop here. It was a short top 10 list.
- Best string encryptor: Eazfuscator.NET
And the winner of the absolute, without a doubt, the worst obfuscator of 2011 is:
It'll set you back $2,000-$4,000 (US dollars). All it does is rename symbols, simple string encryption, and simple control flow obfuscation. YAY! You bought it? You're a fucking idiot.
Posted 30 December 2011 - 10:27 AM
the best 2 players at the moment are as you mentioned, SmartAssembly and .NET Reactor, they were enough to
keep most lamers away in the past but not any more
I also find Themida.NET somehow good when it comes to anti-dumping but there is no Obfuscation applied.
I'm kinda interested in seeing this protection sometime : http://www.arxan.com...ardIt/index.php
still no samples !
The biggest loser is CodeVeil of course, slow, incompatible and sometimes detected as a virus ! also damn expensive.
Posted 30 December 2011 - 11:54 AM
I tried CodeVeil once (the 4.x demo version) but found no option to enable control flow obfuscation. Apparently it doesn't support it.
In my opinion, the obfuscators I've tested (see de4dot supported obfuscators) are useless. They protect almost nothing. de4dot is proof of how easy it is to revert back almost everything. They'll have to come up with something really clever to stop deobfuscation. It'll be hard due to the rich .NET metadata.
And speaking of slow obfuscators, Goliath .NET has a feature to turn some methods into some byte code and execute it in a VM. But nobody uses that obfuscator.
Edited by 0xd4d, 30 December 2011 - 12:00 PM.
Posted 30 December 2011 - 01:18 PM
Posted 31 December 2011 - 03:05 AM
If you want to protect your code, don't write it in any .NET language.
Edited by 0xd4d, 31 December 2011 - 03:08 AM.
Posted 31 December 2011 - 09:36 AM
I still use Confuser with max preset for some appz.
Also, i would like to point out Rummage. I tried its trial version and string encryption was quite good: http://www.aldaray.com/Rummage Its also not much expensive.
Posted 31 December 2011 - 12:21 PM
Edited by 0xd4d, 31 December 2011 - 12:24 PM.
Posted 01 January 2012 - 10:37 AM
As a obfuscator author, I will said, "CONFUSER IS THE BEST!!!!!!'
As a reverser, I will said:
Every obfuscator has its weakness,
.NET Reactor is quite good if packed with native, but once unpacked, it is easy to deobfuscate.
SmartAssembly is quite good...in marketing . As a result...too famous, too many people interested in it
Eazfuscator: Best in the field of free obfuscator, still, the same protection techniques...
Rummage: I LOVE their renaming -.-
Dotfuscator: Totally agree. No use at all. Well, the only good is it's stable and shipped with VS.
The most important common problem is, most of the techniques are the same.
Renaming, Control Flow, Resource/String Encrypt, Reference Proxy, or even JIT hooking, .NET internal exploit.......
If the they want to be a true obfuscator, they must work hard...on developing new protection.
Posted 03 January 2012 - 12:04 PM
You really can't find any of the latest versions cracked out there.
Everything can be cracked, but this ranks pretty high. Not talking about the trial version, but the full version.
Also from what I have seen de4dot cannot Deobfusicate and DNGuard EXE's. Correct me if I am wrong.
Edited by Future, 03 January 2012 - 12:07 PM.
Reply to this topic
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users