Resource Encryption Enterprise

Embedded resources (images, config files, data files) in an unobfuscated .NET assembly are stored in plain form and can be extracted with any resource viewer. Demeanor compresses and encrypts them; the application loads each resource transparently on first access.

Usage

CLIMSBuildDefault
(enabled by default at Enterprise)(enabled by default)On
--no-resources<DemeanorNoResources>true</DemeanorNoResources>Disable

Before & After

BEFORE
// Resources visible in ILSpy resource viewer:
config.json          2,340 bytes
logo.png             14,208 bytes
templates.xml        8,192 bytes
// All readable with any hex editor
AFTER OBFUSCATION
// Resources in obfuscated assembly:
a                    1,847 bytes  (compressed + encrypted)
b                    11,204 bytes (compressed + encrypted)
c                    5,891 bytes  (compressed + encrypted)
// Binary content — no readable data

Resource names are renamed, content is compressed then encrypted. The application loads each resource transparently on first access. ResourceManager-format .resources files are not encrypted because the strings inside them are already protected by string encryption.

When to Disable

  • Startup latency — first access to each resource has decompression overhead. For very large resources (>10 MB), consider excluding them.
  • AOT/NativeAOT compilation — resource resolver injection may conflict with AOT resource handling.

Ready to protect your .NET code?

View Pricing All Options

support@wiseowlsoftware.com · wiseowlsoftware.com