• Home
  • Search
  • Map
  • Resources
    • Technique List
    • Snippet List
    • Detection Rule List
    • Featured Evasion API List
  • Downloads
  • About
  • API
    • Unprotect API
    • API Documentation

Search Evasion Techniques

Names, Techniques, Definitions, Keywords

Clear

Search Result

2 item(s) found so far for this keyword.

EventPairHandles Anti-Debugging

An EventPair Object is an event constructed by two _KEVENT structures which are conventionally named High and Low.

There is a relation between generic Event Objects and Debuggers because they must create a custom event called DebugEvent able to handle exceptions. Due to the presence of events owned by the Debugger, every information relative to the events of a normal …

CloseHandle, NtClose Anti-Debugging

When a process is debugged, calling NtClose or CloseHandle with an invalid handle will generate a STATUS_INVALID_HANDLE exception.

The exception can be cached by an exception handler. If the control is passed to the exception handler, it indicates that a debugger is present.

Made with in 🇫🇷 © 2023. The #UnprotectProject

Terms And Conditions | Cookie Policy | Cookies preferences | GDPR

Contribute