如果它是用。net编写并编译为CIL，则可以反映出来。如果安全性是一个问题，并且要避免混淆，那么我建议使用非托管语言编写应用程序，这种语言本质上更难以进行逆向工程。

广义上讲，有三种人。

Those who will not buy your software and resort to cracks, or if they don't find any, not use your software at all. Don't expect to make any money from this group. They rely either on their own skills or on crackers (who tend to prioritize their time depending on your useful and how big your audience is. The more useful, the sooner a crack will be available). The group of legitimate users who will buy (pay for) your software, irrespective of what protection mechanism you use. Don't make life hard for your legitimate users by using an elaborate protection mechanism since they are going to pay for it in any case. A complex protection mechanism can easily spoil the user experience and you don't want this happening to this group. Personally, I'd vote against any hardware solution, which adds to the cost of your software. A minority who will resort to "unethical" cracking and will only pay for your software because its features are protected by a licensing mechanism. You probably don't want to make it exceedingly easy for this group to circumvent your protection. However, all that effort you spend on protecting your software will pay back, depending on how big this group of people is. This entirely depends on the type of software you're building.

根据您所说的，如果您认为有足够多的少数人可以被推动购买您的软件，那么请继续执行某种形式的保护。考虑一下你能从这些少数人身上赚到多少钱，与你花在保护上的时间相比，或者你花在第三方保护API/工具上的钱。

如果您想实现自己的解决方案，那么使用公钥加密是防止容易被黑客攻击的好方法(与对称算法相反)。例如，您可以对您的许可证(序列号或许可证文件)进行数字签名。解决这个问题的唯一方法就是反编译、修改和重新编译代码(你可以使用Simucal回答中建议的技术来增加难度)。

Use online update to block those unlicensed copies. Verify serial number from different modules of your application and do not use a single function call to do the verification (so that crackers cannot bypass the verification easily). Not only check serial number at startup, do the verification while saving data, do it every Friday evening, do it when user is idle ... Verify application file check sum, store your security check sum in different places. Don't go too far on these kind of tricks, make sure your application never crash/get into malfunction while verifying registration code. Build a useful app for users is much more important than make a unbreakable binary for crackers.

我也做了一些关于黑客安全的考虑，在我的设计中，我想添加他们，因为他们中的一些人似乎没有被提及:

我在我的应用程序中有一个脚本接口。为了确保，脚本只能调用(python)打算调用的方法-脚本i有一个scriptvisibilityattribute和System.Dynamic.DynamicMetaObjectProvider，它可以识别这些属性。

license使用公钥/私钥。

ViewModels需要被解锁，给解锁函数一个密码。

CoreRoutines可以在加密狗上实现。(周围有加密狗支持)

像包装这样的大解决方案并不是计划好的。

当然，这种脚本/viewModel方法并没有使我们不可能从代码中解锁和调用脚本不可见的函数，但它使这样做变得更加困难——就像所有与反黑客相关的工作一样。

当涉及到。net时，如果你正在发布Windows窗体应用程序(或任何客户端有可移植可执行文件的应用程序)，它就有可能被破解。

如果你想坚持使用。net，并且想把你的源代码被窃取的几率降到最低，那么你可以考虑将它部署为ASP。NET应用程序，而不是使它成为一个Windows窗体应用程序。

看起来永远是本地的，现在不需要在混淆器; 看起来像网芯RT可行的解决方案;很快所有的应用程序都将使用。net core;https://www.codeproject.com/Articles/5262251/Generate-Native-Executable-from-NET-Core-3-1-Proje?msg=5753507 xx5753507xx https://learn.microsoft.com/en-us/archive/msdn-magazine/2018/november/net-core-publishing-options-with-net-core

没有测试过，也许用旧的win .net SDK可能做类似的事情。