Unprotect Navbar Version Logo
  • Home
  • Techniques
  • Scan
  • Resources
    • Snippet List
    • Detection Rule List
    • Featured Evasion API List
    • Contributors
    • Scanned Samples
  • Tools
  • About
  • Avatar Login

Search For Content

Clear

Search Result

2 item(s) found so far for this keyword.

Interrupts
Anti-Debugging icon
Anti-Debugging

Adversaries may use exception-based anti-debugging techniques to detect whether their code is being executed in a debugger. These techniques rely on the fact that most debuggers will trap exceptions and not immediately pass them to the process being debugged for handling.

By triggering an exception and checking whether it is handled properly, the adversary's code can determine whether it …

Read more

SIDT, Red Pill
Sandbox Evasion icon
Sandbox Evasion

Red Pill is a technique used by malware to determine whether it is running on a physical machine or a virtual machine. The Red Pill technique involves executing the SIDT instruction, which retrieves the value of the Interrupt Descriptor Table Register (IDTR) and stores it in a memory location.

On a physical machine, the IDTR will contain the address …

Read more

The #UnprotectProject is brought to you by 🇫🇷 DarkCoderSc and 🇫🇷 fr0gger_

Terms And Conditions | GDPR

Contribute Now