How to integrate ByteHide Shield with .NET projects?

Install the ByteHide.Shield.Integration NuGet package, configure your project token, and build your project. Protection applies automatically during MSBuild compilation.

Which .NET frameworks are supported by Shield?

Shield supports .NET Framework 4.0+, .NET Core 2.0+, .NET 5-8+, .NET Standard, Xamarin, MAUI, Unity, Blazor, ASP.NET, WPF, and WinRT.

How to configure Shield protection settings?

Configure Shield through MSBuild properties, environment variables, or the bytehide.json configuration file. Set protection levels, exclusions, and runtime options.

How to troubleshoot Shield integration issues?

Enable verbose logging, check build output for error messages, verify project token configuration, and ensure compatible .NET version and MSBuild tools.

How to exclude specific assemblies from protection?

Use the ExcludeAssemblies MSBuild property or add exclusion rules in bytehide.json configuration file to skip protection for specific assemblies or namespaces.

How to verify Shield protection was applied?

Check MSBuild output for Shield processing messages, examine protected assembly metadata, or use reflection tools to verify obfuscation was applied.

How to configure Shield for Unity projects?

Install Shield Unity package, configure project token in Unity settings, enable IL2CPP backend, and ensure compatible Unity version (2019.4+).

How to set up Shield in CI/CD pipelines?

Set project token as environment variable, ensure NuGet package restore, configure MSBuild parameters, and handle licensing for build agents.

Hook Detection

Protection ID: hook_detection

Hook Detection identifies when runtime hooking frameworks are active in your application's process. These frameworks allow attackers to intercept and modify method calls, bypass security checks, and alter application behavior at runtime.

Configuration

Hook Detection can be enabled through the rasp configuration:

JSON

{
  "protections": {
    "rasp": {
      "enabled": true,
      "hook_detection": true,
      "action": "exit"
    }
  }
}

{
  "protections": {
    "rasp": {
      "enabled": true,
      "hook_detection": true,
      "action": "exit"
    }
  }
}

Action options: "exit", "alert", "log", "crash".

How It Works

Runtime hooking frameworks are the primary tool for dynamic analysis of iOS applications. They allow an analyst to intercept any method call and inspect or modify its arguments and return values, replace entire method implementations at runtime, bypass security checks by overriding their return values, and trace application execution to understand its behavior.

Hook Detection identifies the presence of these frameworks in the application's process and responds according to your configured action. The detection runs continuously, not just at startup.

What Gets Detected

Detection	Description
Dynamic instrumentation frameworks	Tools that inject into the process to intercept method calls
Method swizzling libraries	Libraries that replace method implementations at runtime
Objective-C runtime manipulation	Unauthorized use of the Objective-C runtime to modify behavior

When to Use

Hook Detection is recommended for any application where method-level integrity is important. It is critical for applications with authentication flows, payment processing, license validation, or any security-sensitive logic that could be bypassed by hooking individual methods.

Anti-Debug - Detect debugger attachment
Trace Detection - Detect tracing tools
Tamper Detection - Detect binary modifications
Protections Overview - All available protections

Configuration

How It Works

What Gets Detected

When to Use

Related