
ThomasThelen / Antidebugging

Licence: MIT
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.

Projects that are alternatives of or similar to Antidebugging

Anti-Debugging
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (+84.47%)
Mutual labels:  debugging, virus, malware, malware-analysis, malware-research, cracking
Malware-Sample-Sources
Malware Sample Sources
Stars: ✭ 214 (+32.92%)
Mutual labels:  virus, malware, malware-analysis, malware-research
MalwareDatabase
Malware samples for analysis, researchers, anti-virus and system protection testing. (1300+ malware samples!)
Stars: ✭ 21 (-86.96%)
Mutual labels:  virus, malware, malware-analysis, malware-research
Malware Analysis Scripts
Collection of scripts for different malware analysis tasks
Stars: ✭ 61 (-62.11%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Dex Oracle
A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Stars: ✭ 398 (+147.2%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Freki
🐺 Malware analysis platform
Stars: ✭ 285 (+77.02%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Pwndbg
Exploit Development and Reverse Engineering with GDB Made Easy
Stars: ✭ 4,178 (+2495.03%)
Mutual labels:  malware, malware-analysis, reverse-engineering, debugging
Simplify
Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+2300.62%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Drakvuf Sandbox
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
Stars: ✭ 384 (+138.51%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Stars: ✭ 2,026 (+1158.39%)
Mutual labels:  malware, reverse-engineering, malware-analysis, malware-research
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+7021.74%)
Mutual labels:  hacking, malware, reverse-engineering
Yargen
yarGen is a generator for YARA rules
Stars: ✭ 795 (+393.79%)
Mutual labels:  malware, malware-analysis, malware-research
Fame
FAME Automates Malware Evaluation
Stars: ✭ 663 (+311.8%)
Mutual labels:  malware, malware-analysis, malware-research
Makin
makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
Stars: ✭ 645 (+300.62%)
Mutual labels:  malware-analysis, reverse-engineering, debugging
Pecli
CLI tool to analyze PE files
Stars: ✭ 46 (-71.43%)
Mutual labels:  malware, malware-analysis, reverse-engineering
Thezoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Stars: ✭ 7,849 (+4775.16%)
Mutual labels:  malware, malware-analysis, malware-research
Pentesting Bible
Learn ethical hacking. Learn about reconnaissance, Windows/Linux hacking, attacking web technologies, and pen testing wireless networks. Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+5478.26%)
Mutual labels:  hacking, malware, malware-analysis
Malware Samples
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Stars: ✭ 565 (+250.93%)
Mutual labels:  malware, malware-analysis, malware-research
Chimay Red
Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
Stars: ✭ 63 (-60.87%)
Mutual labels:  hacking, reverse-engineering, debugging
Malware Feed
Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-57.14%)
Mutual labels:  malware, malware-analysis, malware-research

Project Status: Active – The project has reached a stable, usable state and is being actively developed.

When developing software, it's sometimes necessary to check at runtime whether the application is running under a debugger. Sometimes the goal is to stop the application from running under a debugger in order to slow reversing attempts. Conversely, a reverse engineer may run across the checks that the developer placed.

This repository hosts code that shows some of the trivial debugger checks that are commonly encountered in the wild. Note that bypassing this class of check has been almost entirely automated by modern disassemblers.

Checking Your Own Process

IsDebuggerPresent - Basic Win32 API call to check for the presence of a debugger

OutputDebugString - Use the Win32 API to try to communicate with a potentially attached debugger

FindWindow - Use the Win32 API to search for debugger windows

ReadTEB - A brief look at the internals of IsDebuggerPresent

DebugBreak - A Win32 call that will throw when a debugger isn't attached (sounds weird, I know).

Checking Other Processes

CheckRemoteDebuggerPresent - IsDebuggerPresent for external processes

References and Other Repositories

Anti Reverse Engineering Protection Techniques to Use Before Releasing Software
