ConfuserEx
Created the Monday 20 June 2022. Updated 10 months, 3 weeks ago.
ConfuserEx is a open-source protector for .NET applications. It is the successor of Confuser project. It's primarily designed to make reverse engineering difficult for applications written in .NET languages like C# and VB.NET. ConfuserEx does this by using a variety of techniques like symbol renaming, control flow obfuscation, and encryption of strings and resources.
-
Supports .NET Framework 2.0/3.0/3.5/4.0/4.5/4.6/4.7/4.8
-
Symbol renaming (Support WPF/BAML)
-
Protection against debuggers/profilers
-
Protection against memory dumping
-
Protection against tampering (method encryption)
-
Control flow obfuscation
-
Constant/resources encryption
-
Reference hiding proxies
-
Disable decompilers
-
Embedding dependency
-
Compressing output
Technique Identifier
Detection Rules
Contributors
Additional Resources
External Links
The resources provided below are associated links that will give you even more detailed information and research on current evasion technique. It is important to note that, while these resources may be helpful, it is important to exercise caution when following external links. As always, be careful when clicking on links from unknown sources, as they may lead to malicious content.
- GitHub - mkaring/ConfuserEx: An open-source, free protector for .NET applications
- Detecting Stealthy ConfuserEx with Yara
Matching Samples 10 most recent
Sample Name | Matching Techniques | First Seen | Last Seen |
---|---|---|---|
NVCleanstall.exe | 2 | 2024-11-24 | 1 week, 1 day ago |