Anti Debugger
Protection ID: anti_debug
This protection prevents the application from being debugged or profiled.
This protection is available in the editions:
Scale Enterprise Admits © Smart Integrity Protection System
How It Works
Anti-debugger protection employs various techniques to detect if a debugger is attached to your application. When a debugger is detected, the protection will either terminate the application or trigger custom anti-debugging behavior.
This protection helps prevent reverse engineering by making it difficult to run the application in a debugger, which is typically the first step attackers take to understand how an application works. It can detect both managed debuggers like Visual Studio and unmanaged/native debugging tools.
Parameters
This protection has no parameters or settings.
Rules configuration
shield.config.json
{
"protections": {
"anti_debug": {}
}
}
Modes
The configuration of the modes is only available in the Enterprise edition.
Safe default : Detect a debugger or profiler using the managed API.
Win32 : Detect a debugger or profiler using native Windows API. It is only compatible with the Microsoft Windows operating system.
© Smart Integrity Protection System : It uses native functions for detection and disables the use of the application when a debugger is detected.
Code Example
- Anti-debugging code detection:
// Simple anti-debugging check
public bool IsDebuggerPresent()
{
// This will be replaced with Shield's advanced anti-debugging techniques
if (System.Diagnostics.Debugger.IsAttached)
{
Console.WriteLine("Debugger detected!");
return true;
}
return false;
}
- After protection:
The anti-debugging protection adds complex checks throughout your application code. These checks are not visible in a single method, but instead work at the assembly level to detect debugging attempts and prevent successful debugging sessions.
Exclusions
- Exclude with attribute
Include this attribute in your source code:
[Obfuscation(Exclude = false, Feature = "-anti_debug")]
- Exclude from the interface
You can exclude this protection from methods or classes you want using the Shield configuration interface.
When to Use
Anti-debugger protection is most effective when:
- Licensing validation: Protecting code that validates licenses or trial periods
- Security-critical algorithms: Algorithms handling authentication, encryption, or other security features
- Intellectual property: Applications containing valuable proprietary logic
- Production builds: Release builds that will be distributed to end-users
Use caution or avoid anti-debugger protection when:
- Development builds: Do not apply this protection to debug builds or you won't be able to debug your own code
When anti-debugging protection is applied, you will not be able to debug the protected application with Visual Studio or other debuggers. Make sure to only apply this protection to release builds and maintain a separate build configuration without anti-debugging protection for development and testing.
Compatibility
| Framework | Compatibility | Comments |
|---|---|---|
| .NET Core | ✔ | Automatic adaptation according to operating system. |
| .NET Framework | ✔ | Using win32 APIs. |
| .NET (up to 8 version) | ✔ | Automatic adaptation according to operating system. |
| .NET Standard | ✔ | Automatic adaptation according to operating system. |
| Xamarin IOS | ✔ | Automatic adaptation according to operating system. |
| Xamarin Android | ✔ | Automatic adaptation according to operating system. |
| Xamarin MacOs | ✔ | Automatic adaptation according to operating system. |
| WPF | ✔ | |
| Blazor | ✔ | |
| .NET Maui | ✔ | |
| Unity | ✔ | |
| ASP | ✔ | |
| Silverlight | ✔ | |
| VBa (Visual Basic) or C# (CSharp) | ✔ | |
| WinRT | ✔ |
Shield is compatible with all versions of .NET. It automatically adapts to your specific framework, whether you're using .NET 2.0, .NET 4.7, .NET Core 2.1, or Xamarin.Forms 5.0.