lopqto's adventures

Articles

  • Frida by example: bypassing IsDebuggerPresent() check

    Almost every piece of malware out there has functionality to make post-detection analysis more difficult. Threat actors use various anti-debugging techniques; one of the more common ones checks whether a debugger is present via the IsDebuggerPresent() Windows API call. In this blog post, we will discuss how to bypass this technique with Frida.
