Search Evasion Techniques
SuspendThread Anti-Debugging
The kernel32 SuspendThread function or the NTDLL NtSuspendThread function can be a very effective way to disable user-mode debuggers. This can be achieved by enumerating the threads of a given process or searching for a named window and opening its owner thread, then suspending that thread.