Reverse Engineering Asked by 0x58 on March 10, 2021
I was wondering, what are some advanced anti-debugging techniques that are more advanced than the basic ones like IsDebuggerPresent and CheckRemoteDebuggerPresent?
Similar to those 2 APIs, there are other ways to check for the presence of a debugger. For instance:
Those are just glimpses of the almost infinite ways to trick the debugger. A good reverser will overcome all of this eventually, but sometimes the goal is to not make it cost-efficient, or to confuse the reverser so he won't decide to spend time on it, by making him think the purpose is something else or that the functionality is lacking and something is broken. There are a lot of reasons and a lot of ways to overcome them, and vice versa.
Hope I could help a bit.
Correct answer by BegiNO on March 10, 2021