Skip to content

Commit 6dd157c

Browse files
AdvDebugAdvDebug
authored
Update README.md
1 parent 5e150ed commit 6dd157c

File tree

1 file changed

+16
-1
lines changed

1 file changed

+16
-1
lines changed

README.md

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,13 @@ A C# Project which Contains some Anti-Cracking, anti memory injection techniques
3737
* Patching DbgUiRemoteBreakin and DbgBreakPoint (Anti-Debugger Attaching)
3838

3939
## Anti Virtualization
40+
41+
* Detecting Triage
42+
43+
* Detecting Qemu.
44+
45+
* Detecting Parallels.
46+
4047
* Detecting Sandboxie
4148

4249
* Detecting Comodo Container
@@ -85,8 +92,16 @@ A C# Project which Contains some Anti-Cracking, anti memory injection techniques
8592

8693
* Detecting if Secure Boot are Enabled on the System
8794

95+
* Detecting if Virtualization-Based Security is Enabled.
96+
97+
* Detecting if Memory Integrity Protection is Enabled.
98+
99+
* Detecting if the current assembly has been invoked.
100+
88101
## Hooks Detection
89-
* Detecting Most Anti Anti-Debugging Hooking Methods on Common Anti-Debugging Functions by checking for Bad Instructions on Functions Addresses (Most Effective on x64) and it detects user-mode anti anti-debuggers like scyllahide, and it can also detect some sandboxes which uses hooking to monitor application behaviour/activity (like <a href="https://github.com/sandboxie-plus/Sandboxie">Sandboxie/Sandboxie Plus</a>, <a href="https://www.hybrid-analysis.com">Hybrid Analysis</a>, <a href="https://cuckoosandbox.org/">Cuckoo Sandbox</a>, and a lot of other online malware analysis websites/applications).
102+
* Detecting Most Anti Anti-Debugging Hooking Methods on Common Anti-Debugging Functions by checking for Bad Instructions on Functions Addresses and it detects user-mode anti anti-debuggers like scyllahide, and it can also detect some sandboxes which uses hooking to monitor application behaviour/activity (like <a href="https://github.com/sandboxie-plus/Sandboxie">Sandboxie/Sandboxie Plus</a>, <a href="https://www.hybrid-analysis.com">Hybrid Analysis</a>, <a href="https://cuckoosandbox.org/">Cuckoo Sandbox</a>, and a lot of other online malware analysis websites/applications).
103+
104+
* Detecting CLR Functions Hooking.
90105

91106
# Notice
92107
This Project are created for educational purposes only, also this project are licensed under MIT License.

0 commit comments

Comments
 (0)