Last week, we worked on polishing up the .NET Obfuscation checker, and by the end of the week, the beta was ready to ship. We’ve posted it up on Red Gate’s “Labs” site – a place for experimental tools and small free widgets.
It’s a beta, and certainly not perfect, but it works and we’re pretty happy with it.
What does it do?
The checker scans through a folder and gives you information about the security of executables and libraries inside.
- See if an assembly is obfuscated, digitally signed, strong named, not a .NET assembly, or has only public types.
- See the references for each assembly.
- Browse through the decompiled code for each assembly so you can see what’s exposed and how.
- Display information about how an assembly is obfuscated.
- Run the checker from the command line as part of the build process.
There’s a bit more information about how it works (and how to use the command line) on the labs page. We’ll try to update that and flesh it out a bit.
Licensing, usage, boring details
The checker is a beta, and we’re not sure when we’ll be able to update it or how much we’ll be able to support it. So it’s free.
You can download an use it without needing a license. It includes its own version of Reflector, so you don’t need to have a Reflector license to use the checker.
Feedback, bug reports, etc
I’ve typed the phrase “it’s a beta” about a thousand times by now, so it’s probably pretty clear that this isn’t a mature product. It’s been as well tested as we could manage in a week, and you’ll almost certainly find the odd glitch.
Tell us about it. Let us know what you think, whether it’s useful, and what else you’d like to see it do.
A fair few of you have told us you’d like a tool like this, so hopefully it’ll be useful. Again, let us know what you think.