Daniel Roberson
  • Posts
  • About
  • Notes
  • Projects
  • Time
  • Posts
    About
    Notes
    Projects
    Time

cesare1999

2024-08-16

Linux Anti-Debugging Techniques (Fooling the Debugger)

By Silvio Cesare (January 1999)

https://github.com/RobertLarsen/ProsaWorkshop/blob/master/presentations/01-reversing/papers/linux-anti-debugging.txt

Notes
false disassembly
anti-debugger
anti-analysis
anti-forensics
Linux
debugging
virus
breakpoint
breakpoint detection
opcode
int3
ptrace
man page
checking for breakpoints by checking for int3 instruction
gdb
false breakpoints
SIGTRAP
signal
signal.h
signal handler
debugger detection with ptrace PTRACE_TRACEME
ltrace
strace

Links to this note

  • Notes
  • baines2016

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit


Home

About

Notes

Projects

Time

© All rights reserved. Powered by Hugo and Erblog.