Screen shots

1. Obfuscated Code before Linking: The following image shows the obfuscated code after the original Scribble.exe (without linking) is obfuscated. Although symbols defined in the same assembly have been modified, but those external references (System.Windows.Forms) are visible. No obfuscators will be able to rename them. If these public APIs are obfuscated, the resulting code will not run at all.

   

   
   
2. Obfuscated Code after Linking: The following image shows the obfuscated code after the linked Scribble.exe is obfuscated. Since external references (System.Windows.Forms) APIs are also defined in the same module, so they are no different from your won code, and you can obfuscate them at your will. Those public APIs are not visible at all. No other ways can achieve this level of protection. Looking into the decompiled code, it is much much harder to understand than those shown above.

   

   
   

3. Step through Framework Code: The following image shows how to step through the framework code under Visual Studio .NET debugger. The ThreadContext is a nested class inside the System.Windows.Forms.Application class which is defined in the System.Windows.Forms.dll assembly. By linking this assembly into your own code, you can debug the method using the MSIL code. Without such linking, there is no way to examine such an internal method because the debugger will only show jitted native code for such methods that you do not have access to their source code. Shown below also shows how the local variables can be watched.