使用Skater . net混淆器。该. net保护工具针对de4dot, de4dot是一个去混淆器，它将原始受保护的程序集成员名称重命名为人类可读的字符串。溜冰者与之对抗!

最近，MindSystemm集团发布了一个名为Skater的特殊工具。NetDeobfuscator [url: https://github.com/MindSystemm/Skater.NetDeobfuscator]，它利用了Skater. net混淆器的漏洞。 混淆器的开发者Rustemsoft LLC收到了一个迫切需要保护关键的Skater . net混淆器算法和软件基础设施的信号，以便为Skater用户提供更强的源代码保护。这个问题已经解决了。

如果它是用。net编写并编译为CIL，则可以反映出来。如果安全性是一个问题，并且要避免混淆，那么我建议使用非托管语言编写应用程序，这种语言本质上更难以进行逆向工程。

Use online update to block those unlicensed copies. Verify serial number from different modules of your application and do not use a single function call to do the verification (so that crackers cannot bypass the verification easily). Not only check serial number at startup, do the verification while saving data, do it every Friday evening, do it when user is idle ... Verify application file check sum, store your security check sum in different places. Don't go too far on these kind of tricks, make sure your application never crash/get into malfunction while verifying registration code. Build a useful app for users is much more important than make a unbreakable binary for crackers.

我认为这个话题主要有两个方面。

A) .NET只是反向工程而不是原生的吗?

B)我们是什么类型的程序员?

标题: 保护.NET代码不受逆向工程的影响

我的观点:

Least preference to make commercial application in .NET, because it will expose even your comments on the built binary after decompile. (I don't know what is the logic to include the comments also with binary) So any one can just decompile it, rename/modify/change the look and resell the application in 24 hours. In native application rename/modify/change of look is not possible as easy as one could do in .NET Worried part in .NET is that you could get the whole project with solution from a single binary exe/dll.

想象一下现在的安全状况有多糟糕。 因此，即使是外行也可以轻松地对. net应用程序进行逆向工程。

如果它是本地应用程序，如c++ /VB6/Delphi，只有知道ASM的专家破解者才能修补exe，而不是像。net那样100%逆向工程。

但是现在整个世界都在使用。net，因为用它的高级特性和库很容易做项目。

好消息是，微软似乎在2020年支持。net的本地输出，这将使像我这样的程序员考虑将。net c#作为主要语言。

https://www.codeproject.com/Articles/5262251/Generate-Native-Executable-from-NET-Core-3-1-Proje?msg=5755590#xx5755590xx

混淆代码!在混淆c#代码中有一个例子。

Here's one idea: you could have a server hosted by your company that all instances of your software need to connect to. Simply having them connect and verify a registration key is not sufficient -- they'll just remove the check. In addition to the key check, you need to also have the server perform some vital task that the client can't perform itself, so it's impossible to remove. This of course would probably mean a lot of heavy processing on the part of your server, but it would make your software difficult to steal, and assuming you have a good key scheme (check ownership, etc), the keys will also be difficult to steal. This is probably more invasive than you want, since it will require your users to be connected to the internet to use your software.