Hi,@sam sam. Welcome to Microsoft Q&A.
Application Protection:
Method1:Use encryption algorithms(AES, DES, etc.) for sensitive information (account passwords, database connection strings, etc.). This way, even if it is decompiled, the sensitive information will not be directly exposed.
Method2:Dynamically generate code instead of static code
Code Obfuscation:
Method1:Use the obfuscation tool that comes with VS: Dotfuscator
For its usage, please refer to the official documentation:Use Dotfuscator Community to protect .NET apps - Visual Studio (Windows) | Microsoft Learn
Additional Security Measures:
Method1: Strong name
Function: Prevent the assembly from being illegally modified. After modifying the assembly, you must re-strong name the assembly with your private key
Reference Links: How to: Sign an assembly with a strong name - .NET | Microsoft Learn
Method2: Compile the relevant Method in the assembly into Unmanaged (Unmanaged code)
Function: Unmanaged code is generally not decompilable by current decompilation tools.
Condition: You must use VC++.NET unmanaged mode to write dll, and then use VC++ managed mode to build a project to introduce this native code dll. Finally, a Dotnet assembly dll is generated. Then this assembly contains both managed code and unmanaged code.
Method3: Add serial number mechanism and online activation verification
Method4: Add [assembly: SuppressIldasm()] in the project file AssemblyInfo.cs
Additional: This method can prevent decompilation by some decompilation tools (such as ildasm.exe).But for decompilation tools such as ILSyp and Reflector, it cannot prevent.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.