# Compile After Delivery Adversaries may attempt to make payloads difficult to discover and analyze by delivering files to victims as uncompiled code. Text-based source code files may subvert analysis and scrutiny from protections targeting executables/binaries. These payloads will need to be compiled before execution before execution; typically via native utilities such as csc.exe or GCC/MinGW. Source code payloads may also be encrypted, encoded, and/or embedded within other files, such as those delivered as a Phishing. Payloads may also be delivered in formats unrecognizable and inherently benign to the native OS (ex:EXEs on macOS/Linux) before later being (re)compiled into a proper executable binary with bundled compiler and execution framework. **Example:** The .NET Framework includes a mechanism called the Code Document Object Model (CodeDOM) that enables developers of programs that emit source code to generate source code in multiple programming languages at run time, based on a single model that represents the code to render. Sometimes developers need it, and .NET Framework makes it possible. For example, the following C# code compiles the C# code assigned to the "code" variable during execution and runs it. Here is a sample code with C# ![](https://315180959-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MRh03Vwd4nuiUi3Oje7%2F-MRhsnutbaNHjXSJZhnu%2F-MRhsyQnY_kB2zdLzFZZ%2Fimage.png?alt=media\&token=3754db84-8887-44cc-8b4c-e9dbd03493fa) Any part from the "**string code"** section will get compiled and executed when the application runs. ![](https://315180959-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MRh03Vwd4nuiUi3Oje7%2F-MRhsnutbaNHjXSJZhnu%2F-MRhszMGVqK47LM4XYCP%2Fimage.png?alt=media\&token=213e22ae-fe64-4cec-b8b6-b984ddf689ff) Reference: {% embed url="" %}