Jump to a section

⚙️
How it works
Obfuscation techniques
🖥️
Screenshots
See it in action
📊
Comparisons
vs. other tools
FAQ
Common questions
💳
Pricing
Plans & licenses
🎓
Tutorials
Step-by-step guides
📦 The basics

The direct answer - in plain English

When you compile C# or VB.NET code, the .NET runtime produces Intermediate Language (IL) bytecode inside a .dll or .exe. IL is surprisingly readable - free tools like ILSpy or dnSpy can decompile your production binary back to near-perfect C# in seconds.

Opaquer sits between your build step and deployment. It rewrites the IL inside your assembly, applying multiple layers of transformation so that decompilation produces meaningless, misleading, or unrunnable code - while your app itself continues to work identically.

🏷️

Symbol renaming

Class, method, field, and property names are replaced with random or misleading identifiers. InvoiceCalculator.ComputeTotal() becomes a.b().

🌀

Control flow obfuscation

Loops and conditionals are restructured into opaque predicates and fake branches that confuse decompilers without altering runtime behaviour.

🔑

String encryption

Plaintext literals - API keys, connection strings, licensing tokens - are encrypted at build time and decrypted only at the moment of use.

🛡️

Anti-tamper & anti-debug

Runtime checks detect modified assemblies or attached debuggers and respond with configurable actions: crash, misbehave, or phone home.

📦

Resource & metadata protection

Embedded resources and assembly metadata are stripped or encrypted, removing build paths, developer names, and version hints.

Build pipeline integration

Runs as an MSBuild target, a CLI tool, or a GitHub Actions step - no manual GUI step needed in CI/CD.

🔬 Under the hood

What obfuscation actually looks like

Here's a real-world before/after comparison of a .NET licensing check function, as it appears in a decompiler before and after Opaquer processes the assembly.

⚠️ Before obfuscation - readable by anyone
// Easily decompiled with ILSpy or dnSpy
public class LicenseValidator
{
    private const string SecretKey =
        "SK-PROD-2024-XK9";

    public bool IsLicenseValid(
        string licenseKey)
    {
        if (licenseKey == null)
            return false;

        return licenseKey
            .StartsWith(SecretKey)
         && licenseKey.Length == 24;
    }
}
✅ After Opaquer - decompiler output
// Decompiler cannot recover meaning
public class a2F
{
    private static string b7x()
    {
        return ɑ.ʘ("\u0041\u2060\u200B",
            0x3F ^ 0x1A);
    }

    public bool ɑb(string ʘ9x)
    {
        if (ʘ9x == null) goto IL_002F;
        IL_0010:
        if (!ʘ9x.StartsWith(b7x()))
            goto IL_002F;
        return (ʘ9x.Length ^ 0x18) == 0;
        IL_002F: return false;
    }
}

The obfuscated version is functionally identical - your end-users notice nothing. Attackers see noise. Learn more in the tutorial ->

🖥️ Interface

Opaquer in action

Opaquer ships with a GUI for one-click protection and a full CLI for automated build pipelines.

obfuscation
Project configuration panel Drag in a .dll or .exe, pick your protection rules, and click Obfuscate. Takes seconds on most assemblies.
opaquer@ci-runner:~$
$ opaquer protect ./bin/Release/MyApp.dll \
--rename-all --encrypt-strings \
--control-flow --output ./dist/
Analyzing assembly... 1,247 types
Renaming symbols... ████████ 100%
Encrypting strings... ████████ 100%
Control flow... ████████ 100%
✔ Protected in 2.3s -> dist/MyApp.dll
CLI / build pipeline mode Integrate Opaquer directly into MSBuild, GitHub Actions, or any shell script. Zero UI required. CLI reference ->
obfuscation
Decompiler output after Opaquer ILSpy fails to reconstruct meaningful code. What an attacker sees: opaque jumps, encrypted strings, and unmeaningful names.
📊 Comparisons

How Opaquer compares

Feature comparison: Opaquer vs. common alternatives

✅ Full support   ⚠ Partial   ✗ Not available

Feature Opaquer ConfuserEx Dotfuscator CE Manual IL editing
Symbol renaming
Control flow obfuscation ⚠ Basic
String encryption ✅ AES-256 ⚠ Custom
Anti-tamper / anti-debug
CI/CD pipeline integration ✅ CLI + MSBuild ⚠ CLI only ⚠ VS plugin
Support across .NET 6 to .NET 10 ⚠ Community ⚠ Paid tiers
WPF encryption support
Commercial support SLA ✅ (paid)

Opaquer plan comparison

Feature BASIC
Free
PRO
$189.99
ENTERPRISE
$489.99
Private Names Obfuscation
Public Names Obfuscation
String values encryption
Lightweight Control Flow obfuscation
Command Line Interface
High-Intensity Control Flow
Team Deployment
Internet-Free Build Server Support
Concurrent developer seats 1 1 Unlimited

-> View full pricing page  ·  -> Download free Basic version

❓ FAQ

Frequently asked questions

Everything developers commonly ask before adopting Opaquer.

Does obfuscation affect my app's performance?
Symbol renaming and control flow transformations add zero runtime overhead - they only change the shape of the code the JIT compiles. String encryption introduces a small, one-time overhead the first moment each encrypted string is accessed. In practice, this decryption cost is sub-millisecond and generally imperceptible. However, for performance-critical paths, you can selectively exclude specific strings from encryption directly in the Opaquer GUI by simply deselecting them. Your exclusions are automatically saved into the configuration XML file, ensuring they persist across future builds.
If you rely on the command-line interface, it is essential to ensure that the CLI command references this configuration file so that your string-exclusion rules are consistently applied during automated or CI/CD builds.
Will Opaquer break reflection, serialization, or dependency injection?
Renaming public symbols that are resolved by name at runtime, such as reflection calls like Type.GetMethod("MyMethod"), JSON serialization attributes, or DI container registrations, can lead to runtime failures if those members are obfuscated. To avoid breaking these name-based lookups, Opaquer provides a GUI-level exclusion workflow: you can simply unselect any members that must retain their original names, ensuring they are omitted from the renaming process.
Is obfuscation the same as encryption? Is my code 100% safe?
Obfuscation raises the cost and skill level required to reverse-engineer your code - it is not encryption, and it cannot provide mathematical guarantees. A determined, expert attacker with unlimited time could eventually work through obfuscated IL. The goal is to make the cost of doing so economically unattractive compared to the value of your IP, not to make it theoretically impossible. For the vast majority of threat models - competitors, script kiddies, license crackers - Opaquer's protection is highly effective.
Does it work with .NET 6, 7, 8, 9, and 10?
Yes. Opaquer targets the Portable PDB and PE/COFF formats used by all modern .NET SDK toolchains, so it is compatible with .NET Core, .NET 5+, and the current LTS releases (.NET 8, .NET 10). Legacy .NET Framework 4.x assemblies are also supported.
Can I integrate Opaquer into my Azure DevOps pipeline?
Yes - this is a first-class use case. Opaquer can be used in Pipeline-level automation using Azure DevOps. You can add it to any CI/CD system that runs shell commands. See the CI/CD integration tutorial for copy-paste YAML examples for Azure Pipelines.
Do I need the source code to obfuscate an assembly?
No. Opaquer operates on compiled .dll or .exe files and does not require source code. This means you can also protect third-party assemblies you have a license to distribute, as long as their license permits modification for distribution purposes.
How does the licensing work? Is it per-developer or per-project?
Opaquer PRO licenses are issued per developer seat, not per project. A licensed developer may obfuscate unlimited projects and assemblies, provided the work is performed on a single machine.
The BASIC tier is completely free-forever for both personal and commercial use by a solo user.
ENTERPRISE licenses are site-wide, allowing unlimited installations across all PCs within the organization. View the full pricing page ->
Is the license valid permanently, or is there an annual renewal fee? If renewal is required, what is the price.
No annual fee.
Your license is perpetual and valid on one PC for all non-ENTERPRISE editions.
Future upgrades are optional and available at a 70% discount (you pay 30% of the current price).

Your Rustemsoft license also includes:
Six months of unlimited updates (minor and major).
Six months of beta access with permanent registration rights.
Six months of free email support.
After six months, upgrades for any Rustemsoft product remain 30% of the current license price.
How can I receive technical support after the initial six‑month period? Are there any fees?
We continue to assist with minor technical questions at no cost for six months after your purchase.
For major updates or ongoing full support beyond that period, Rustemsoft LLC requires purchasing a Opaquer .NET Obfuscator version upgrade, priced at 30% of the current software license fee.
Where can I learn more and get started quickly?
Start with the Getting Started guide (5 minutes), then explore the tutorials library for specific scenarios like WPF apps, ASP.NET Core APIs, etc. The full documentation covers every configuration option and API. If you need assistance, you can always submit your question via the contact form.

Ready to protect your .NET code?

Download Opaquer .NET Obfuscator. Basic Edition is free forever.

⬇ Download Opaquer 📖 Getting started guide 💳 See pricing