GET /api/techniques/340/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 340,
"key": "addvectoredexceptionhandler",
"unprotect_id": "U0125",
"name": "AddVectoredExceptionHandler",
"description": "The `AddVectoredExceptionHandler` technique is an anti-debugging method that can detect the presence of debuggers using Vectored Exception Handlers. This technique works by calling `AddVectoredExceptionHandler(1, ourHandler)` to register a top-level exception handler that will catch any exceptions raised by the process, including those generated by debuggers.\r\n\r\nAfter this call has taken place, stepping through the code will trigger an `EXCEPTION_SINGLE_STEP` exception, which is caught by our top-level handler. This exception is typically only generated by debuggers and is therefore a strong indicator that a debugger is present.",
"resources": "https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-addvectoredexceptionhandler",
"creation_date": "2023-03-10T02:40:20.368000Z",
"tags": "Anti-debugging, Vectored Exception Handlers, AddVectoredExceptionHandler, Debugging, Exception handling, EXCEPTION_SINGLE_STEP",
"modification_date": "2023-10-04T10:44:23.409000Z",
"category": [
3
],
"rules": [],
"attachments": [],
"featured_api": [
593
],
"contributors": []
}
