salwrap-antidebug

This repo contains an implementation of the anti-debug techniques used in the reference document.

https://media.defcon.org/DEF%20CON%2016/DEF%20CON%2016%20presentations/DEF%20CON%2016%20-%20newger.pdf

Debug View

[2692] start_trampolines.
[2692] trampoline0
[2692] Push to callstack
[2692] Copy trampoline0 buffer to new offset
[2692] Calculate return address in next trampoline0 buffer.
[2692] Jump to trampoline_fn.
[2692] start of func1.
[2692] trampoline0
[2692] Push to callstack
[2692] Copy trampoline0 buffer to new offset
[2692] Calculate return address in next trampoline0 buffer.
[2692] Jump to trampoline_fn.
[2692] start of func15.
[2692] Return from trampoline_fn.
[2692] Return from trampoline_fn.
[2692] Return from trampoline_fn.
[2692] Pop callstack.
[2692] end of start_trampolines.

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
Debug		Debug
Release		Release
ipch/salwrap-9f58386d		ipch/salwrap-9f58386d
salwrap		salwrap
README.md		README.md
defcon-16-newger-wp.pdf		defcon-16-newger-wp.pdf
salwrap.sdf		salwrap.sdf
salwrap.sln		salwrap.sln
salwrap.suo		salwrap.suo

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

salwrap-antidebug

Debug View

About

Releases

Packages

Languages

martencassel/salwrap-antidebug

Folders and files

Latest commit

History

Repository files navigation

salwrap-antidebug

Debug View

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages