LogoLogo
HomeArticlesCommunity ProductsPremium ProductsGitHubTalsec Website
  • 👋Introduction
  • đŸ› ī¸Integration
    • 🤖Android
      • API
      • Troubleshooting
    • 🍎iOS
      • API
      • Troubleshooting
    • đŸĻFlutter
      • FlutterFlow
      • API
      • Troubleshooting
    • âš›ī¸React Native
      • Expo
      • API
      • Troubleshooting
    • 👾Cordova
      • API
      • Troubleshooting
    • đŸĒŊCapacitor
      • API
      • Troubleshooting
  • 🚀Features and Pricing plans
    • The Key Differences: freeRASP vs. RASP+
  • 🎤What's New and Changelog
  • 📊Security Report
  • âš–ī¸User Data Policies
  • 📄License
  • 🤝Fair Usage Policy (FUP)
  • â„šī¸Wiki
    • Getting Signing Certificate Hash
    • Callback Delay, Telemetry Impact, and Threat Scanning Completion Status
    • Threat detection
      • Detecting rooted or jailbroken devices
      • Emulator detection
      • Hook detection
      • App tampering detection
      • Debugger detection
      • Detecting unofficial installation
      • Device binding detection
      • Missing obfuscation detection [Android devices only]
      • Secure Hardware detection (Keystore/Keychain secure storage check)
      • Passcode
      • System VPN detection
      • Developer Mode detection [Android devices only]
      • ADB enabled detection [Android devices only]
      • Screen Capture
    • Source code obfuscation
    • isProd flag
  • đŸĻ‰FAQ
  • 🧑‍đŸ’ģAbout Us
  • 🤝Contribution
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Wiki

Source code obfuscation

Last updated 23 days ago

Was this helpful?

The freeRASP contains public API so that the integration process is as simple as possible. Unfortunately, this also creates opportunities for the attacker to use publicly available information to interrupt freeRASP operations or modify your custom reaction implementation in threat callbacks. In order for freeRASP to be as effective as possible, it is highly recommended to apply obfuscation to the final package/application, making the public API more difficult to find and also partially randomized for each application so it cannot be automatically abused by generic hooking scripts.

The majority of Android projects support code shrinking and obfuscation without any additional need for setup. The owner of the project can define the set of rules that are usually automatically used when the application is built in the release mode. For detailed guidance, explore the official documentation through these links: and .

â„šī¸
first reference
second reference