To top
Products Products

AxProtector .NET


Automatic Protection for .NET Software

AxProtector .NET is the ideal solution to save time and effort when it comes to integrating protection in your .NET software. With AxProtector .NET you can protect your software against piracy and reverse engineering in a fully automated fashion.

AxProtector .NET encrypts classes and methods of the software you aim to protect, and shields it with a safety shell, AxEngine. Best-of-breed anti-debugging and anti-disassembly methods are then injected into your software.

The individual methods are loaded in encrypted form and stay encrypted until they are needed, at which point they are decrypted automatically and in the background. After translation by the JIT compiler, the methods are again removed from memory, keeping the time that the IL code spends in unencrypted form to a minimum. This has a negligible effect on the performance of your software in return for the highest possible level of protection.

When using a .NET framework older than 4.6.1, the unencrypted methods are removed from memory after a time set by you. Intelligent two-level caching again keeps the impact on performance to a minimum, while maintaining a very high level of protection.

The Wibu Universal Protection Interface (WUPI) gives you full control over the AxEngine; you can activate or release other licenses for the simple and secure protection of your software.

Compared to the use of the CodeMeter Core API, this gives you a very high level of protection at little effort. You can also use CodeMeter Core API as an additional precaution.

Supported Operating Systems

AxProtector .NET is available in two variants: AxProtector .NET and AxProtector .NET Standard.

AxProtector .NET protects applications (executables) and libraries created with .NET Framework 2.0 or newer.

AxProtector .NET Standard protects .NET Standard 2.0 applications, including .NET Core 2.0 and Mono 5.4 applications.

Operational Principle

The use of AxProtector .NET does not require any changes to your source code. You just integrate AxProtector .NET as a post-build process. Encryption operations are carried out by AxProtector .NET after compilation of your software and before creation of the setup. AxProtector .NET is available both via graphical user interface and command line tool. As a command line tool, AxProtector .NET can run in continuous integration in an automated build system.

For modular protection, you define associations between licenses (Product Codes) and individual methods or complete classes. You can also query different licenses within the source code of your software with WUPI and set your software to react accordingly in case of missing licenses. You can, for example, hide menus or display custom error messages. The encryption with another license (Product Code) offers you the highest security level; by means of a query via WUPI, you can set controlled behaviors of your software. This combination of encryption and checks via API represents the optimum setup.

The first call to an encrypted method initiates the execution of AxEngine. AxEngine checks if a specific license is available. If so, it is automatically allocated and used to decrypt the protected method. In addition, AxEngine watches out for tampering attacks, thus ensuring integrity protection.

AxEngine remains constantly on guard for security threats to your software using highly sophisticated anti-debugging and anti-reverse engineering methods. It immediately interrupts software execution when hazards are detected. As an ISV, you can define whether or not the license should be locked under such circumstances.

An integrated watch dog within AxEngine checks the license in the background, its integrity and possible threats at regular intervals.

Optionally, AxProtector .NET injects hidden commands that CodeMeter utilizes as traps (Honey Pot). A cracker who would try to decrypt all encrypted functions would inevitably fall into a trap. The hidden command would lock the license, which could no longer be used to decrypt other functions. AxProtector .NET is therefore an excellent provider of protective measures against the systematic analysis of your software.

Compared to run-of-the-mill obfuscators, AxProtector .NET offers far stronger protections. Regular obfuscation changes names and scrambles code into spaghetti state, whereas AxProtector .NET encrypts the executable code with powerful 256-bit AES encryption. This makes decompiling the assembly on the drive impossible even with the right tools. The code is decrypted in a dongle or in a Windows system service, making it harder to attack than pure .NET-level obfuscation. Any attacker without the right license – and the right key – will not be able to extract the code from the memory. Traps are built into the code to make the systematic decrypting of all methods or extraction from memory virtually impossible. Whenever a trap is triggered, the license is blocked, and the keys cannot be used in other attempted attacks. On top of these security capabilities, AxProtector .NET has another advantage over obfuscators: The names of functions do not have to be changed, which means that features like reflection, remoting, or WCF are fully available without compromising on security.

Through the user message interface, you have the possibility to react to events, such as the absence of a license. This allows you to show custom designed messages if your software is provided with a graphical interface. In case of headless devices, you can record these events in a log file.

Interested in a personalized offer for our CodeMeter technology? Just answer a few questions and our team will get back to you with all the information you need.