======= Java Obfuscation =======

==== Introduction ====

> **Java obfuscation** is the process of modifying Java code to make it difficult to understand and reverse-engineer. Our goal here is to prevent other companies from taking parts of our app for reuse.

> This guide covers the basic ideas and tools for obfuscating Java code, specifically for production environments, while keeping a way to debug the obfuscated code.

==== Obfuscation Techniques ====

  * **Stripping Comments and Whitespace**: Removes all comments and unnecessary whitespace from the code, which makes the whole process more complicated for someone trying to understand or reverse it.
  * **Renaming Members/Methods/Classes**: Renames variables, methods, and classes to something hashed or randomised. This is the crucial part for making the code less readable.
  * **Providing Original Mapping (for Debugging)**: When renaming, it's vital to keep a map of original names to the obfuscated ones -> This map is internal and only for debugging purposes.

==== Debugging Obfuscated ====

  * **Maintain a Mapping File**: Always keep the mapping file from every version of the obfuscation process. This file maps the original class/method names to the obfuscated ones and is essential for debugging.
  * **Reverse Mapping for Debugging**: Use the mapping file to reverse the obfuscation process during debugging: load it in memory or pass it to an external tool?

> This way, we can understand stack traces and logs in the context of the original code.

==== Recommended Obfuscation Tools ====

  * **ProGuard**: Paid tool, a Java class file shrinker, optimizer, obfuscator, and preverifier, known for reducing the size of applications and guarding them against reverse engineering.
  * **HomeMade**: A code shrinking and minification tool created internally can be an effective solution. We can check other open source tools online for ideas?
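The reverse mapping described under "Debugging Obfuscated", as an added example (not code from this page or from ProGuard). It assumes the mapping file uses ProGuard's text mapping format and that frames come from a standard Java stack trace; the class name `MappingRetracer`, the sample package and the `|` separator for ambiguous names are hypothetical.

```java
import java.util.*;
import java.util.regex.*;

public class MappingRetracer {
    // "original.Class -> obf.Name:" opens a class section (ProGuard-style mapping, assumed format)
    static final Pattern CLASS = Pattern.compile("^(\\S+) -> (\\S+):$");
    // "    [from:to:]returnType name(args)[:n[:n]] -> obfName" is a method entry
    static final Pattern METHOD = Pattern.compile("^\\s+(?:(\\d+):(\\d+):)?\\S+ ([\\w$<>.]+)\\(.*?\\)(?::\\d+)* -> (\\S+)$");
    // "at obf.Class.method(SourceFile:33)" is a stack frame; the line number is optional
    static final Pattern FRAME = Pattern.compile("^(\\s*at )([\\w$.]+)\\.([\\w$<>]+)\\(([^:)]*)(?::(\\d+))?\\)$");
    final Map<String, String> classes = new HashMap<>();         // obfuscated class -> original class
    final Map<String, List<String[]>> methods = new HashMap<>(); // "obfClass.obfMethod" -> {from, to, original}

    MappingRetracer(List<String> mapping) {
        String current = null;
        for (String line : mapping) {
            Matcher c = CLASS.matcher(line), m = METHOD.matcher(line);
            if (c.matches()) {
                current = c.group(2);
                classes.put(current, c.group(1));
            } else if (current != null && m.matches()) {
                methods.computeIfAbsent(current + "." + m.group(4), k -> new ArrayList<>())
                       .add(new String[] {m.group(1), m.group(2), m.group(3)});
            }
        }
    }

    String retraceLine(String line) {
        Matcher f = FRAME.matcher(line);
        if (!f.matches() || !classes.containsKey(f.group(2))) return line; // not an obfuscated frame
        int no = f.group(5) == null ? -1 : Integer.parseInt(f.group(5));
        Set<String> names = new LinkedHashSet<>();
        for (String[] e : methods.getOrDefault(f.group(2) + "." + f.group(3), Collections.emptyList())) {
            boolean inRange = e[0] == null || no < 0
                || (no >= Integer.parseInt(e[0]) && no <= Integer.parseInt(e[1]));
            if (inRange) names.add(e[2]); // several original methods can share one obfuscated name
        }
        String method = names.isEmpty() ? f.group(3) : String.join("|", names);
        return f.group(1) + classes.get(f.group(2)) + "." + method + line.substring(f.start(4) - 1);
    }

    public static void main(String[] args) {
        MappingRetracer r = new MappingRetracer(Arrays.asList( // constructed sample mapping
            "com.example.billing.InvoiceService -> a.b:",
            "    12:20:void charge(int) -> a",
            "    31:40:void refund(int) -> a"));
        for (String l : new String[] {"\tat a.b.a(SourceFile:33)", "\tat a.b.a(Unknown Source)"})
            System.out.println(r.retraceLine(l));
    }
}
```

A frame with a line number resolves to one method through the mapping's line ranges; a frame without one lists every candidate. Line numbers are passed through unchanged.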
==== Avoiding Specific Tools ====

> In this part, we avoid several tools known for Java obfuscation due to various reasons like lack of support, complexity, or licensing issues.

List update (23/11/2023)

  * Zelix Klassmaster
  * Stringer
  * Allatori
  * DashO
  * DexGuard
  * ClassGuard
  * Smoke
  * superblaubeere27 / JObf / sb27
  * Paramorphism (<= 2.1.2_9)
  * Caesium
  * Monsey
  * SkidSuite2
  * Skidfuscator
  * Skid qProtect (<= 1.9.6)
  * Scuti
  * CheatBreaker
  * Bozar
  * RakSzild
  * HP888
  * Binsecure
  * Radon
  * Branchlock
  * Colonial
  * Sentinel

==== Conclusion ====

Java obfuscation is a vital part of software development, especially for protecting our intellectual property, preventing pirated copies and preventing reverse engineering.

Obfuscation can complicate debugging, but debugging is still required and possible: by maintaining a proper mapping file we can mitigate the issues caused by the obfuscation.