vimasig / Bozar

Java bytecode obfuscator with GUI
MIT License

flow is so bad #7

Closed 3jq closed 3 years ago

3jq commented 3 years ago

It's so easy to remove; you just have to find method calls and remove everything before and after them.

vimasig commented 3 years ago

You have to find real jumps as well, because flow obfuscation is applied to if statements (if you want a runnable application and correct flow; otherwise you cannot correctly understand the execution order). If you say "method calls are visible, I can see the code", you don't need deobfuscation to see them; they are already visible. We need reference obfuscation to hide them.

Can you explain a little more? For example, can you find real jumps easily, and is the output completely clean and correct code?

3jq commented 3 years ago

OK. I meant to say that method calls are like too easy to find. For example, in binscure, you can only find method calls in switch cases or if cases, where they are called in only one case, and there are loo-ots of cases.

3jq commented 3 years ago

Example:

```java
switch (a) {
    case -1234783274823:
        throw null;
        break;
    case 483274237:
        break;
    case 9245375:
        break;
    case -2184738742983:
        MethodCall();
        break;
    case -43279847238987:
        throw null;
        break;
    // other cases
    default:
        break;
}
```

And there are lots of switch cases, if statements and other things like that.

3jq commented 3 years ago

And in binscure, it's much harder to find the method calls to understand what happens in code. In bozar, it's really easy.

vimasig commented 3 years ago

So you mean continuous method calls without if statements like this, right?

3jq commented 3 years ago

Yeah, as most bozar flow looks mostly just like this

ghost commented 3 years ago

> And in binscure, it's much harder to find the method calls to understand what happens in code. In bozar, it's really easy.

binscure < bozar, binscure is very easy to deobfuscate lol

3jq commented 3 years ago

k, deobf pyro

vimasig commented 3 years ago

Now it's better with v1.7.0