Skip to content
/ AntiRe.Runtime Public
forked from PeterG75/AntiRe.Runtime

A open source .net library for prevent from assembly being reverse engineered

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

xuan2261/AntiRe.Runtime

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits

.vs/AntiRE.Runtime/v14

.vs/AntiRE.Runtime/v14

 
 

AntiRE.Runtime

AntiRE.Runtime

 
 

AntiRe.Example

AntiRe.Example

 
 

AntiRE.Runtime.sln

AntiRE.Runtime.sln

 
 

README.md

README.md

 
 

Repository files navigation

AntiRE.Runtime

About :

A open source .net library for prevent from assembly being reverse engineered

Tip :

Obfuscate dll and merge it with main assembly for more security

Features :

[+] Anti debugger

[+] Anti sandbox

[+] Anti virtual machine

[+] Anti reverse engineering tools

[+] Anti memory dumping

[+] Anti dnspy

[+] Anti sniff (prevent network being monitored)

Usage :

Namespaces :

  using System;
  using AntiRE.Runtime;
  using System.Diagnostics;

Prevent assembly being dumped from memory

  AntiDump.Parse(typeof(this.GetType()));

Get current process

  var CurrentProcess = Process.GetCurrentProcess();

Prevent application start under sandbox tools

  AntiSandBox.SelfDelete = false; //Delete application executable file
  AntiSandBox.ShowAlert = true; //Show a message
  AntiSandBox.Parse(CurrentProcess);

Prevent application start on virtual machine

  AntiVirtualMachine.SelfDelete = false;
  AntiVirtualMachine.ShowAlert = true;
  AntiVirtualMachine.Parse(CurrentProcess);

Prevent from network being monitored

  AntiSniff.SelfDelete = false;
  AntiSniff.ShowAlert = true;
  AntiSniff.Parse(CurrentProcess);

Prevents reverse engineering tools from running in the system

  AntiReverserTools.SelfDelete = false;
  AntiReverserTools.ShowAlert = true;
  AntiReverserTools.Aggressive = false; //Execute malicious codes (not recommended)
  AntiReverserTools.IgnoreCase = true; //Ignore case in process name
  AntiReverserTools.KeepAlive = true; //Keep anti reverse engineering service alive in background
  AntiReverserTools.WhiteList.Add("notepad"); //Add a process name to whitelist
  AntiReverserTools.BlackList.Add("dnspy"); //Add a process name to blacklist
  AntiReverserTools.Start(CurrentProcess);

Anti debugger

  AntiDebugger.SelfDelete = false;
  AntiDebugger.ShowAlert = true;
  AntiDebugger.Aggressive = false;
  AntiDebugger.KeepAlive = true; //Keep anti debugger service alive in background
  AntiDebugger.Start(CurrentProcess);

Detect if dnspy installed on system

  AntiDnspy.SelfDelete = false;
  AntiDnspy.ShowAlert = true;
  AntiDnspy.Parse(CurrentProcess);

Anti sniff request to server

  using System.Net;
  try
  {
  HttpWebRequest req = (HttpWebRequest)WebRequest.Create("https://google.com");
  req.ContinueTimeout = 10000;
  req.ReadWriteTimeout = 10000;
  req.Timeout = 10000;
  req.KeepAlive = true;
  req.UserAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36";
  req.Accept = "*/*";
  req.Method = "GET";
  req.Headers.Add("Accept-Language", "en-US,en;q=0.9,fa;q=0.8");
  req.Headers.Add("Accept-Encoding", "gzip, deflate");
  req.AutomaticDecompression = DecompressionMethods.GZip;
  req.ServerCertificateValidationCallback = AntiSniff.ValidationCallback; //Server Certificate Validation
  req.ServicePoint.Expect100Continue = false;
  using (HttpWebResponse response = req.GetResponse() as HttpWebResponse)
  {
  if (response.StatusCode != HttpStatusCode.OK) //Optimal
  {
  Alert.Show("NETWORK CONNECTION ERROR, CHECK YOUR INTERNET CONNECTION OR CLOSE SNIFFER SOFTWARES");
  Environment.Exit(0);
  return;
  }
  }
  }
  catch{
  Alert.Show("NETWORK CONNECTION ERROR, CHECK YOUR INTERNET CONNECTION OR CLOSE SNIFFER SOFTWARES");
  Environment.Exit(0);
  return;
  }

Alert message settings

  Alert.NotepadStyle = true; //True == Show message in notepad & False == MessageBox
  Alert.AutoClose = false; //Auto close message box after preferred time
  Alert.AutoCloseTime = 2; //Time (seconds) to close the messagebox
  Alert.NotepadPath = "readme.txt"; //Notepad file path

Contacts :

Website : www.CodeStrikers.org

Telegram : @SychicBoy

Softwares Channel : @CSSOFT

Reverse engineering Channel : @CodeStrikers

Email : SychicBoy@CodeStrikers.org

Credits :

robsonfelix for vm detcetor

About

A open source .net library for prevent from assembly being reverse engineered

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • C# 100.0%