• Home
  • Search
  • Map
  • Resources
    • Technique List
    • Snippet List
    • Detection Rule List
    • Featured Evasion API List
  • Downloads
  • About
  • API

Search Evasion Techniques

Names, Techniques, Definitions, Keywords

I'm Feeling Lucky

Search Result

2 item(s) found so far for this keyword.

GetTickCount Anti-Debugging

This is typical timing function which is used to measure time needed to execute some function/instruction set. If the difference is more than fixed threshold, the process exits.

GetTickCount reads from the KUSER_SHARED_DATA page. This page is mapped read-only into the user mode range of the virtual address and read-write in the kernel range. The system clock tick updates the …

AddVectoredExceptionHandler Anti-Debugging

The AddVectoredExceptionHandler technique is an anti-debugging method that can detect the presence of debuggers using Vectored Exception Handlers. This technique works by calling AddVectoredExceptionHandler(1, ourHandler) to register a top-level exception handler that will catch any exceptions raised by the process, including those generated by debuggers.

After this call has taken place, stepping through the code will trigger an EXCEPTION_SINGLE_STEP exception, …

Made with in 🇫🇷 © 2023. The #UnprotectProject

Terms And Conditions

Contribute