Obfuscar, The Open Source Obfuscator for .NET Applications

  •        342

Obfuscar is an open source .NET obfuscator released under MIT license. It provides basic obfuscation features that help secure secrets in a .NET assembly.




Related Projects

obfuscar - Open source obfuscation tool for .NET assemblies

  •    CSharp

The project logo cames from Legendora Icon by Teekatas Suwannakrua. Maintained and supported by LeXtudio.

javascript-obfuscator - A powerful obfuscator for JavaScript and Node.js

  •    TypeScript

JavaScript obfuscator is a powerful free obfuscator for JavaScript with a wide number of features which provides protection for your source code. It is not recommended to obfuscate vendor scripts and polyfills, since the obfuscated code is 15-80% slower (depends on options) and the files are significantly larger.


  •    DotNet

This project show how create your own obfuscator for application .net, as a protection source code


  •    CSharp

It is a Software Protection tool, designed to help .NET developers efficiently protect their software. It will obfuscate and protect your .NET code, optimize your .NET assembly for better deployment, minimize distribution size, increase performance & add powerful post-deplo...

Invoke-CradleCrafter - PowerShell Remote Download Cradle Generator & Obfuscator

  •    PowerShell

Invoke-CradleCrafter is a PowerShell v2.0+ compatible PowerShell remote download cradle generator and obfuscator. In the Fall of 2016 after releasing Invoke-Obfuscation, I continued updating my spreadsheet of PowerShell remote download cradles thinking that one day I might add a "cradle selector" menu into Invoke-Obfuscation. This list consisted of cradles that were obscure to me, and many of which were not prevelently (or at all) being observed in the wild.

Invoke-Obfuscation - PowerShell Obfuscator

  •    PowerShell

Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator. In the Fall of 2015 I decided to begin researching the flexibility of PowerShell's language and began cataloguing the various ways to accomplish a handful of common techniques that most attackers use on a regular basis.

php-obfuscator - A parsing PHP obfuscator

  •    PHP

This is an "obfuscator" for PSR/OOp PHP code. Different from other obfuscators, which often use a (reversible) eval() based obfuscation, this tool actually parses PHP, and obfuscates variable names, methods, etc. This means is can not be reversed by tools such as UnPHP. This library was written out of the need to obfuscate the source for a private library which for various reasons could not be shared without steps to protect the source from prying eyes. It is not technically feasible to "encrypt" PHP source code, while retaining the option to run it on a standard PHP runtime. Tools such as Zend Guard use run-time plugins, but even these offer no real security.

Hikari - LLVM Obfuscator


English Documentation Hikari(Light in Japanese, name stolen from the Nintendo Switch game Xenoblade Chronicles 2) is my hackathon-ishtoy project for the 2017 Christmas to kill time.It's already stable enough to use in production environment. However, as initially planned, Hikari has been ported to LLVM 6.0 release version and no longer being actively maintained due to the time and effort it takes. You can find the history of its development at developer branch. Further enhancements include more features like Code-Intergrity Checking and a full anti-hook implementation. These are not open-source and will probably be released as a commercial product. If you know me close enough we can discuss the license model and pricing issue because I might not be able to provide real-time bug fix and stuff. Any undiscovered potential bugs affecting the obfuscated binary are fixed during obfuscation so you get a workable binary.


  •    CSharp

Dafuscator is a database data obfuscation system that allows you to tactically obfuscate or delete data out of your production database while leaving most of the data intact.



AssemblyTransformer is a tool for modifying .NET assemblies using Mono Cecil. It handles the entire transformation process including strong name signing and offers a simple command-line interface and a basic framework for creating and configuring specific transformations.


  •    DotNet

ImmDoc .NET is a command-line utility for generating HTML documentation from a set of .NET assemblies and XML files created by the compiler. It's developed in C#.

Obfuscation for Eclipse

  •    Java

obfuscate4e is an Eclipse feature to obfuscate plugins during their export. This feature provides an integrated proguard obfuscator, other obfuscators might be added as plugins. The project moved to http://code.google.com/p/obfuscate4e/

Email Obfuscator: A Tool For Webpages

  •    Java

Stand-alone JAVA Email obfuscation tool for HTML pages. This tool can be used to process single pages, or whole webpage bundles, to protect email addresses occuring in them from spam bots and other harvesters, by hiding them using various methods.


  •    Java

Obclipse manage the obfuscation of an ready build eclipse product. It collects the necessary information of a product, configure a third party obfuscator, obfuscate the product and fixes the textual files of the plugins by the obfuscated class names.

de4dot - .NET deobfuscator and unpacker.

  •    CSharp

de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will try its best to restore a packed and obfuscated assembly to almost the original assembly. Most of the obfuscation can be completely restored (eg. string encryption), but symbol renaming is impossible to restore since the original names aren't (usually) part of the obfuscated assembly.It uses dnlib to read and write assemblies so make sure you get it or it won't compile.

Revoke-Obfuscation - PowerShell Obfuscation Detection Framework

  •    PowerShell

Revoke-Obfuscation is a PowerShell v3.0+ compatible PowerShell obfuscation detection framework. In the Fall of 2016 and Spring of 2017, Daniel Bohannon (@danielhbohannon) released Invoke-Obfuscation and Invoke-CradleCrafter, two open-source PowerShell obfuscation frameworks. The goal of this research and these frameworks was to highlight the limitations of a purely signature-based approach to detecting attackers' usage of PowerShell. The core message to defenders has been to focus on detecting Indicators of Obfuscation in addition to known suspicious syntax.

Invoke-DOSfuscation - Cmd.exe Command Obfuscation Generator & Detection Test Harness

  •    PowerShell

Over the past several years as an Incident Response consultant I have witnessed a myriad of obfuscation and evasion techniques employed by several threat actors. Some of these techniques are incredibly complex while others are tastefully simple, but both categories are employed to evade detection. In my experience, I have found APT32 and FIN7 to pull out the most alluring obfuscation techniques and their creativity is noteworthy. In June 2017 after a slew of incremental command line obfuscation techniques, FIN7 used an environment variable string substitution capability native to cmd.exe that at the time I did not know even existed. Spurred by this discovery I co-authored a blog post with Nick Carr (@ItsReallyNick) called Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques where we highighted numerous groups' obfuscation techniques we identified in the wild.

Babel Obfuscator NAnt Tasks


This is an NAnt task for Babel Obfuscator. Babel Obfuscator protect software components realized with Microsoft .NET Framework in order to make reverse engineering difficult. Babel Obfuscator can be downloaded at http://www.babelfor.net

cecil - Cecil is a library to inspect, modify and generate .NET programs and libraries.

  •    CSharp

Mono.Cecil is a library to generate and inspect programs and libraries in the ECMA CIL form.Cecil has been around since 2004 and is widely used in the .NET community.

dnlib - dnlib is a library that can read, write and create .NET assemblies and modules.

  •    CSharp

.NET module/assembly reader/writer library written for de4dot.dnlib was created because de4dot needed a robust .NET assembly library that could handle all types of obfuscated assemblies. de4dot used to use Mono.Cecil but since Mono.Cecil can't handle obfuscated assemblies, doesn't fully support mixed mode assemblies, doesn't read .NET assemblies the same way the CLR does and many other missing features de4dot needed, dnlib was a necessity. The API is similar because it made porting de4dot to dnlib a lot easier.