many say you should look into decompilers such as ghidra, which i think is good call, but they usually work only to some extent, because good obfuscation turns their readings into garbage. so after the basics look into CPU emulation(Unicorn e.g.) and runtime debugging(i think you can use gdb, because you are on Linux, but generally speaking, runtime debugging on Linux is not that interesting, because software has little ways to stop you, while on Windows there is a swarm of anti-debuggung techniques and anti-antidebugging bypasses, also anti-vm and anti-antivm), may as well do it in parallel.

Two antidebugging methods, once you are using this two methods you can detect with a high rate of detection if any process is debugging our process or a remote one. What other techniques you know to perform this type of action? github.com/S12cybersecurity/… #Malware #Cybersecurity

New Medium post! Today, I’ll show you the latest version of our resurrector malware, which includes antidebugging techniques. We’re detecting debuggers and patching functions used by them to analyze our process when none is found. medium.com/@s12deff/adding-a… #Malware #Pentesting

Added anti-debugging, anti-VM, anti-sandbox, anti CPU emulators detection to #AutoIt #Obfuscator pelock.com/autoit-obfuscator… #obfuscation #hacker #hacking #malware #coding #antidebugging #itsecurity #redteam #blueteam #reversing #code #programmer #programming

JavaScript AntiDebugging Tricks :: DoomsDay Vault x-c3ll.github.io/posts/javas…

#AntiAnalysis and #AntiDebugging #rust library for #Linux Debugoff: github.com/0xor0ne/debugoff #reverseengineering #rustlang #cybersecurity

Saved this Tweet to your Notion database. Tags: [Antianalysis, Linux, Rust, Antidebugging]

My tool pesto.tools got recently updated with Dropper improvements, making it more OPSEC-friendly and more capable: - added dynamic API Hash encoding - added function call obfuscation - improved AntiDebugging technique - added 1 process injection template

Released a bunch of video tutorials and a sneak peak of the upcoming release.. Webhooks, Antidebugging, Stack Duplication and Bring Your Own Injection.. Release blog incoming.... #BRc4 youtube.com/watch?v=K-xbRN_u… youtube.com/watch?v=Bd0fnV4w… youtube.com/watch?v=i-xbu0O2… youtube.com/watch?v=hc4X82gT…

LockBit’s third #ransomware variant, LockBit 3.0, is also known as #LockBitBlack — and for good reason. This version lifts portions of its code from that of #BlackMatter, including its antidebugging technique and encryption algorithm. More in our blog: research.trendmicro.com/3RSS…

#Linux #AntiAnalysis and #AntiDebugging #rust library. github.com/0xor0ne/debugoff #reversing #reverseengineering #rustlang

I'm super glad to say that we are still at the point where security companies protecting applications integrity with sick tricks, antidebugging, encryptions bla bla are just linux "experts" with no idea about reverse engineers mindset.

Quite interesting Anti-debugging techniques on Process Memory. anti-debug.checkpoint.com/te… #Antidebugging #Malwareanalysis

I updated my collection of JavaScript AntiDebugging tricks to add the Scope Pane idea from @WeizmanGal. Probably some of them are outdated right now or newer tricks have arised this year and I missed it, so feel free to ping me to update the page. x-c3ll.github.io/posts/javas…

#CyberMentoringMonday #dfir #malware analysis tip: When malware calls IsDebuggerPresent as an #antidebugging trick, it can be either an API call or the compiler may inline it to directly parse the PEB, e.g. mov reg1, FS:30h movzx reg2, [reg1 2] #cybersecurity #infosec

این مطلبو نوشتم و سعی کردم کامل و با جزییات باشه. تقریبا تمام تکنیک های AntiReverse و AntiDebugging مربوط به بدافزاهای لینوکسی داخلش هست و نحوه بایپسش هم توضیح داده شده. یه غولیه برا خودش. امیدوارم لذت ببرید 😛 github.com/aleeamini/Flareon…

HyperDbg - The Source Code Of HyperDbg Debugger dlvr.it/Rqf6RT #AntiDebugging #Debugger #Debugging #Fuzzing

HyperDbg - The Source Code Of HyperDbg Debugger j.mp/396lFQu #AntiDebugging #Debugger #Debugging #Fuzzing #Hyperdbg #Hypervisor

HyperDbg - The Source Code Of HyperDbg Debugger j.mp/396lFQu #AntiDebugging #Debugger #Debugging #Fuzzing #Hyperdbg #Hypervisor