Command Line Reference

The Babel Obfuscator command line tool accepts different options. A double hyphen character prefixes each option. The following section will describe each option you can enter at the command line.

Miscellaneous

Those options are typically used to configure general obfuscation features or the way Babel Obfuscator deals with the target assembly.

--help [option]

Typing --help without any parameters will show the main help menu. When the parameter [option] is specified, Babel will display the extended help for the command specified. For example:

--help strings

Prints the following information:

stringencryption (nostringencryption, no-stringencryption, string-encryption, no-string-encryption, strings, no-strings)
usage: --[no]stringencryption [name]
  Enable ([no]disable) string encryption (default: disabled)

  When enabled, all the user strings in the target assembly will be encrypted. The   
  optional parameter name sets the encryption type.

hash - Compressed hash table. The strings are arranged into compressed encrypted hash table data. This algorithm ensures tamper protection.
xor - Inline xor strings.

This shows a list of aliases admitted for the command, followed by the command usage and a short description.

This option controls the display of the Babel Obfuscator copyright message at startup. The copyright message will not be shown if the optional prefix [no] is specified.

--license [path|env]

When the optional argument is not specified, it displays available license information. Optionally you can specify the license file path.

babel --license C:\Babel\babel.licenses

Alternatively, you can specify a search directory where Babel should look for the license file.

If you have a license key, you can use the env option to pass it to Babel as follows:

babel --license env:BABEL_LICENSE_KEY

Here the BABEL_LICENSE_KEY is the Environment variable containing the license key.

--verbose <n>

Sets the console output verbosity level. Where <n> is a mandatory non-negative integer number. If 0 is specified, no messages are displayed during obfuscation. A number greater than 10 will make Babel show debug information.

--noconfig (@)

Skip loading the default configuration for command line values. If specified, all default values that are in the babel.exe.config file, are ignored:

babel myapp.exe --noconfig
babel myapp.exe @

--nowarn <warn list>

Suppress the notification of one or more warning messages. The <warn list> parameter represents a list of warning IDs separated by a comma character. Babel will silently ignore warning numbers passed to the nowarn option.

--[no]warnaserror [warn list]

Specifies a list of warnings that should be treated as errors halting the obfuscation process. The [warn list] is an optional comma-delimited list of the warning IDs.

--[no]statistics [file]

Whether to generate obfuscation statistics, which can either be logged at the end of the program or saved to a file if specified.

The following additional options are available:

full=[on/off]    Whether to collect additional method statistics

By enabling full obfuscation statistics, additional method information like CYC (Cyclomatic Complexity) is collected. This could cause resource consumption, especially when processing assemblies with many types.

--[no]agent (a)

This option enables or disables the obfuscation Agent. When enabled, the agent performs a static analysis of the code to prevent renaming or obfuscation of target assembly symbols that could otherwise cause malfunctions in the obfuscated application.

--assemblyname <option>

This option provides flexibility in determining the name of the target assembly. The available options are:

  --assemblyname name=assemblyname
  --assemblyname inputfilename
  --assemblyname outputfilename
  --assemblyname nochange (default)

The default behaviour is nochange. It means that the assembly name will not be changed from its original value. If you don't specify any --assemblyname option, this will be the behavior.

--[no]satellite [assembly]

Enables, [no] disable the processing of satellite assemblies. If the optional parameter [assembly] file is specified, treat the specified assembly file as a satellite assembly of the target assembly.

--addsearch <path>

Adds the specified directory <path>, to the list of folders where Babel searches for referenced assemblies.

The parameter <path> can be a wildcard expression to match a set of directories. The following special characters can be used to make a wildcard expression:

*

matches any number of any characters including none

?

matches any single character

**

matches any directory recursively

[a-z]

matches one character from the range given in the bracket

[!ab]

matches any characters that are not in the given bracket

The following special strings can be combined into the path expression for the currently searched assembly:

:assemblyname:

searched assembly name

:assemblyversion:

searched assembly version

:assemblypublickeytoken:

searched assembly public key token

This option can be entered multiple times.

 --addsearch .\**\lib
 --addsearch .\:assemblyname:\**\netcoreapp2.0

--quickrule <rule>

Enter a quick rule definition. A quick rule can be used instead of an XML rule when the user wants to configure the obfuscation process without having to make an XML rule file.

Quick rule syntax:

feature[=exclude];[regex];[access];[target]

Where:

feature

Is the name of the targeted feature

[=exclude]

Can be specified to disable the feature

[regex]

Is an optional regular expression used to filter the symbols. By default, the obfuscator will take all symbols.

[access]

Set the visibility of the symbols that should be processed and can be one of the following values: Public, Protected, Internal, Private, All (default All)

[target]

Specifies the symbol kind. Admitted values are: Classes, Delegates, Structures, Interfaces, Enums, Events, Methods, Properties, Fields, StaticFields, Resource, All (default All)

The quickrule switch can be entered multiple times. Quick rules will be processed in the order they are encountered at the command line and before the processing of any XML rule.

Rename all public symbols inside the target assembly:

babel myapp.exe --quickrule renaming;.*;Public

Disable string encryption within the ACME namespace:

babel myapp.exe --quickrule "string encryption=exclude;ACME.*;All;Methods"

Enable code encryption for the ACME.Licensing class:

babel myapp.exe --quickrule "msil encryption=on;ACME.Licensing.*"

--dbghelpdlldir <path>

This option runs on Windows OS only and configures the path to the dbghelp.dll, allowing Babel Obfuscator to load debug symbols from the Microsoft Symbol Server.

--trace <regex>

Enables obfuscation tracking for symbols whose full name signature matches the specified regular expression. This option can be used to debug regular expressions.

babel myapp.exe --trace MyNamespace.MyClass::MyMethod

Trace the method named MyMethod and log debugging information about its obfuscation status.

--randomseed <seed>

Set the seed used to initialize the Babel Obfuscator random number generator. It can be set to have a deterministic obfuscation. The parameter <seed> can be any hexadecimal string.

--use <key=value>

Set additional Babel Obfuscator options as key-value pairs.

debugxaml=[on/off]          Whether to enable XAML debug mode
encryption=<name>           Set encryption algorithm (Aes, DES, TripleDES, Rijndael, RC2, XOR)
experimental=[on/off]       Whether to enable experimental features
loadtomemory=[on/off]       Whether to load assemblies to memory
parallel=[on/off]           Whether to perform multithread obfuscation
tagassembly=[on/off]        Whether to tag assembly with the BabelObfuscator attribute
obfuscationattr=[skip/keep] Skip processing or force attribute retention
logtimestamp=[on/off/fmt]   Whether to add a timestamp to the log output (fmt date time format)

Examples:

Output debugging information related to all XAML resources having a name starting with Panel

babel myapp.exe --use debugxaml=Panel.* --verbose 5

Tag the obfuscated assembly with the [BabelObfuscator] attribute.

babel myapp.exe --use tagassembly=on

Force Babel Obfuscator to use TripleDES encryption algorithm

babel myapp.exe --use encryption=TripleDES

The experimental option can also accept a list of obfuscator features, including "all" which allows using new obfuscation algorithms not yet released for all .NET platforms.

babel myapp.exe --use experimental=all

When experimental features are enabled in Babel, it is important to note that the obfuscation tool will not verify if the platform-specific requirements are met. This means that all the obfuscations configured will be executed regardless of whether they are appropriate for the target platform. It is essential to keep in mind that enabling experimental features can increase the risk of errors and may affect the application's performance. Therefore, it is recommended to use experimental features cautiously, preferably only in a testing environment, and with a thorough understanding of the potential risks involved.

--[no]isobfuscated [action]

Whether to detect if the target assembly is already obfuscated. This option can be useful in a build scenario where there is the possibility that the target assembly is processed a second time. Babel parses the symbol names to see if the assembly has already been obfuscated. However, there are some cases where the analysis could give an incorrect result. In this situation, it is better to tag the assembly with the BabelObfuscator attribute (see --use option).

Input Files

The Input Files section includes options that provide external files to Babel Obfuscator containing additional configurations or data necessary to perform some specific operation.

--keyfile <file>

Set the strong name file to re-sign the obfuscated assembly and localized resource DLLs. Babel Obfuscator supports Strong Name Key (.snk) and Personal Information Exchange (.pfx).

if a Personal Information Exchange file is used, add the command line option --keypwd to specify the .pfx file password.

--keyname <container>

Use this option to re-sign the application if the key pair is stored in a key container. The mandatory <container> parameter represents the key container name used to re-sign the obfuscated assembly and localized resources DLLs.

--keypwd <password>

Specifies the password requested by a Personal Information Exchange (.pfx) file to re-sign the obfuscated assembly. When the password is not specified from the command line, Babel will require the user to enter the proper password during the obfuscation process.

--rules <file>

Set an XML rule file used by Babel to configure the obfuscation process. This option can be specified multiple times. Rule files will be processed in the order they are entered on the command line.

babel myapp.exe --rules ruleset1.xml --rules ruleset2.xml

--mapin <file>

Set the input XML obfuscation map file that will be used to obfuscate the names of referenced symbols. This option can be specified multiple times.

babel myapp.exe --mapin library.map.xml --mapin utils.map.xml

--project <file>

Specify an obfuscation project file.

--stacktrace <file>

Deobfuscate stack trace file. This option requires passing a text <file> containing the obfuscated stack trace and a set of XML mapping files to deobfuscate the stack trace content.

babel --stacktrace obfuscatedstacktrace.txt --mapin myapp.map.xml --mapin library.map.xml

Output Files

Babel Obfuscator options to set output filenames.

--output <file>

Set the output file path for the obfuscated target. If this option is not provided, the obfuscated target will be saved into the BabelOut subdirectory of the original assembly folder.

--pdb <file>

Set the output PDB file path. This option can be used when the --debug option is enabled.

--pdbpwd <password>

Set debug information file password. The password will encrypt the source code file names stored inside the PDB.

--logfile <file>

Send the Babel Obfuscator output messages to a log file.

--mapout [file]

Set the output file name for the XML obfuscation map. If the optional parameter [file] is not provided, Babel Obfuscator will name the XML map file as the original assembly name, adding the extension .map.xml.

--makeproject [file]

Creates an MSBuild project file from the entered command line. If the optional parameter [file] is not provided, Babel Obfuscator will save the project file into the BabelOut subdirectory.

Plugins

Plugins are additional components that extend the functionality of Babel Obfuscator. They allow for adding or modifying obfuscation features, enabling greater customization and control over the obfuscation process. (see Encrypt Plugin)

--plugin <file>

Set Babel Obfuscator plugin file path. This option may be specified multiple times.

--argument <key=value>

Set plugin argument as key-value pair. This option may be specified multiple times.

Merge and Embed Assemblies

Assembly merging involves combining multiple assemblies into a single primary assembly. Babel Obfuscator performs this operation by merging and obfuscating all the assemblies specified after the primary assembly in the command line.

--[no]copyattrs [regex]

When this option is enabled, all the assembly-level attributes of each input assembly are copied into the target assembly. An optional regular expression can be specified to merge duplicate attributes that match the given regular expression.

--embed <assembly>

Babel Obfuscator can embed multiple dependency assemblies into the target assembly. The embedded assemblies are compressed and encrypted. Embedding can simplify the deployment and reduce the size of the software. It can be used instead of merging when there is no need to fully obfuscate the dependency assembly.

This option can be specified multiple times.

babel myapp.exe --embed Library1.dll --embed Library2.dll

--[no]internalize

When enabled, all public types in merged assemblies will have their visibility restricted to internal (Friend VB).

--[no]jsonmanifest

Enable ([no]disable) handling of dependencies manifest (default: enabled). Babel Obfuscator can update .deps.json manifest file of the target assembly when merging dependencies.

Renaming

These commands can be used to configure symbol renaming.

--[no]types (t)

Whether to enable types renaming.

--[no]events (e)

Whether to enable events renaming.

--[no]methods (m)

Whether to enable methods renaming.

--[no]parameters (r)

Whether to enable the method's parameters renaming.

--[no]properties (p)

Whether to enable properties renaming.

--[no]fields (f)

Whether to enable field symbols renaming.

--[no]xaml [key=value]

If enabled, symbols used in XAML or BAML resources are renamed. This option can accept optional key-value pairs specified as <key>=<value>.

Accepted key values are:

keys=[on/off]      Whether to enable renaming of dictionary keys
res=[on/off]       Whether to enable renaming of BAML/XAML resources
strip=[on/off]     Whether to strip line information or white spaces
manual=[on/off]    Whether to use manual symbol renaming

--[no]virtual [key=value]

Whether to rename virtual members such as methods, properties, and events. This option can accept optional key-value pairs specified as <key>=<value>.

Accepted key values are:

external=[on/off]    Whether to obfuscate external virtual calls

--[no]overloaded [key=value]

When enabled, Babel Obfuscator uses the same name for two or more methods of the same type whenever CLR rules permit. Key-value pairs can optionally be entered to select which overloading to apply.

Accepted key values are:

methods=[on/off]     Whether to overload methods
properties=[on/off]  Whether to overload methods
parameters=[on/off]  Whether to overload parameters

--[no]flatns (n)

When enabled, all renamed types are moved into the global namespace. This flattens the namespace hierarchy and no namespace information is embedded into the obfuscated assembly.

--[no]unicode [char set]

If enabled, the names are replaced with unreadable Unicode strings. With Unicode normalization disabled, all the obfuscated names are made by strings of lowercase characters taken from the Latin alphabet. Optionally the user can specify the character set used to generate obfuscated names.

babel myapp.exe --unicode 0xf000-0xfe00 
babel myapp.exe --unicode 10,13,a-z

--namelength <n>

Set the minimum name length of renamed symbols. Optionally key-value pairs can be entered to fix the minimum length of types, methods, properties, fields and events separately.

babel myapp.exe --namelength types=12 --namelength methods=3

--nameprefix [prefix]

Set the name prefix of renamed symbols. Optionally key-value pairs can be entered to set the prefix of types, methods, properties, fields, events and parameters separately.

babel myapp.exe --nameprefix types=$Name_ --nameprefix methods=M_

The special value $Name is replaced with the original symbol name. Typically the $Name prefix can be used to debug renaming issues.

--[no]xmldoc [file|regex]

Whether to update the target assembly XML documentation by filtering out all renamed symbols. Optionally the XML document file path or a regular expression can be specified. If the file name or the regular expression matches the XML documentation file name of a merged assembly. In that case, the XML document of the merged assembly will be merged into the XML document of the target assembly.

Control Flow Obfuscation

Control flow obfuscation involves transforming the code of a method, thereby obscuring its execution path and making the resulting flow much more complex and difficult to comprehend.

--[no]controlflow

Used to alter the method control flow. Key-value pair <key>=<value> can optionally be entered to configure code scrambling.

Accepted key values to produce verifiable IL code:

goto=[on/off]    Whether to insert irrelevant branches
switch=[on/off]  Whether to enable switch scrambling
case=[on/off]    Whether to hide case constants
if=[on/off]      Whether to enable if scrambling
call=[on/off]    Whether to enable random calls
value=[on/off]   Whether to use value encryption
token=[on/off]   Whether to enable emission of method tokens

To produce unverifiable IL code:

underflow=[on/off]  Whether to enable stack underflow

This option can be specified multiple times, for example:

babel myapp.exe --controlflow if=on --controlflow switch=on --controlflow case=on
--controlflow call=on

--iterations <n>

Set the number of iterations used in the control flow obfuscation algorithm. Setting the number of iterations to 0 will disable control flow obfuscation. As n increases, an increasing number of irrelevant branch instructions are inserted in each method.

--[no]invalidopcodes [mode]

Use this option to emit invalid MSIL op-codes. This will stop some reflection tools from inspecting the IL method body.

Activating this option will result in the obfuscated assembly being non-verifiable by Intermediate Language (IL) verifiers. It is important to note that code that is not IL verifiable cannot run on x64 operating systems and, therefore, this option should not be enabled if the obfuscated assembly targets x64 platforms.

The optional parameter [mode] enables different invalid opcodes configurations:

enhanced: Insert additional invalid op-codes

Encryption and Protection

Options targeting advanced obfuscation features like string and code encryption.

--[no]msilencryption [regex]

Whether to enable Code Encryption for methods matching the optional regular expression or obfuscation rules defined in XML rules files. This option can be specified multiple times.

--[no]stringencryption [name]

Whether to enable encryption of user strings. An optional parameter name can be specified to select the encryption algorithm used.

Accepted algorithm names are:

hash     The strings are arranged into a hash table
xor      Inline XOR encoded strings

--[no]valueencryption [key=value]

This option enables the encryption of inline constant values and arrays. Key-value pair <key>=<value> can optionally be entered to enable or disable the encryption of some defined types.

Accepted key values are:

int32=[on/off]	   Whether to encrypt Int32 values
int64=[on/off]	   Whether to encrypt Int64 values
single=[on/off]	   Whether to encrypt Single values
double=[on/off]	   Whether to encrypt Double values
array=[on/off]	   Whether to encrypt Arrays

--[no]ildasm

When enabled, the System.Runtime.CompilerServices.SuppressIldasmAttribute is added to the target assembly to prevent the Microsoft MSIL Disassembler: ILDASM (Ildasm.exe) from disassembling the obfuscated target.

--[no]reflection

Whether to enable the emission of invalid metadata to stop reflection-based tools.

--[no]resourceencryption [key=value]

Whether to enable managed resource encryption. When enabled, all the embedded resources are compressed and encrypted. Key value pairs can be optionally entered to specify additional settings.

Accepted key values are:

encrypt=[on/off]   Whether to encrypt resources
compress=[on/off]  Whether to compress resources
protect=[on/off]   Whether to protect embedded resources

--[no]proxy [type][;regex]

Whether to enable the generation of proxy calls to external/internal methods. The optional parameter [type] can have one of the following values:

external     hide calls to external assembly methods
internal     hide calls to internally defined assembly methods
all	     hide both internal and external method calls

Optionally the user can enter a regular expression to match the method signature that should be proxied, for example:

babel.exe myapp.exe --proxy external --proxy ;System.Array::.* --proxy ;::GetEnumerator

--[no]tamperingdetection

Whether to enable anti-tampering protection.

--[no]antidebugging

Whether to enable anti-debugging protection.

Code Generation

These options concern some code optimizations that Babel Obfuscator can add to the target assembly.

--addreference <assembly>

Add or retarget an assembly reference to the target assembly. Example:

babel myapp.exe --addreference "[System*, Version=2.0.5.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]"

Retargets all System references to portable assemblies. This option can be specified multiple times.

--[no]cleanattrs <regex>

Whether to enable the removal of unwanted attributes. The <regex> parameter is a regular expression that matches the unwanted attribute type's full name. This option can be specified multiple times.

--[no]constremoval

Whether to enable the removal of constant fields. Any reference to a constant field will be replaced by its constant value whenever possible.

--[no]deadcode [regex]

Whether to enable Dead Code Removal. When enabled, removes all methods, properties, fields and events that are not reached by any coding pattern. An optional entry point can be specified through [regex] to define where to start the search.

--[no]debug [source]

Whether to enable the emit of the debugging information and generate a PDB debug symbol file for the obfuscated target. A debug symbol store can optionally be specified.

--debug srv*c:\Symbols*http://msdl.microsoft.com/download/symbols

--[no]disgregateremoval

Whether to enable the removal of property and event metadata information, leaving only properties and events accessor methods.

--[no]enumremoval

Whether to enable the removal System.Enum types. Any reference to an enum field will be replaced with its constant value whenever possible.

--[no]inlineexpansion

Inline code expansion will allow a method call to be replaced by its own code at the point where the call is made.

--[no]instrument [regex]

Whether to enable, code instrumentation. An optional regular expression can be specified to target the fully qualified members that should be instrumented.

Fully qualified members have the following syntax

[NamespaceName].[TypeName]::[MethodName]

Example:

babel myapp.exe --instrument mynamespace\.mytype::.* 

This option can be entered multiple times.

--[no]emptymethods

Whether to add instrumentation code to methods with an empty body.

--moduleinitializer [method]

Add module initializer code. Optionally a static method signature with no parameters can be specified, which will be called after the module loads.

[Obfuscation(Feature = "module initializer:priority=120")]
public static void DoInitialize120()
{
   Console.WriteLine("DoInitialize120");
}

Where priority can get an integer value which defines the order that babel will call initializer methods. Babel adds its initializer methods with a default priority set to 100. Initializers with a priority of less than 100 will be called first.

--[no]seal

When enabled seal all non-public classes that are not used as base classes in an inheritance hierarchy. Declaring a class as sealed can improve method call performance by preventing the Just-In-Time (JIT) compiler from walking the method's virtual table, where possible.

Last updated