sQuo Posted March 9, 2014 Share Posted March 9, 2014 This is the hidden content, please Sign In or Sign Up Description: MorXAntiRE is a library that collect anti(debugger/disassembly/dump/VM/sandbox) tricks. MorXAntiRE is licensed under GNU/GPL version 3 and developed in C using Visual Studio 2012 and Inline Assembly. Anti-Debugging: IsDebuggerPresentAPI IsDebuggerPresentPEB CheckRemoteDebuggerPresentAPI NtQueryInformationProcess (ProcessDbgPort) NtQueryInformationProcess (ProcessDebugFlags) NtQueryInformationProcess (ProcessDebugObject) NtGlobalFlag NtSetInformationThread (HideThreadFromDebugger) Open Process Parent Process Self-Debug (CreateProcess) UnhandledExceptionFilter NtQueryObject Debugger-Attacks : BlockInputAPI OutputDebugString Timing Attacks: RDTSC Win32Timing (GetTickCount) Anti-Breakpoint: 0xCC BP detection: Memory Breakpoint Debugger Check(Guard Pages) Hardware Breakpoint Check (Debug registers with Get/SetThreadContext) Hardware Breakpoint Check (ebug registers with Structured Exception Handling) Author: Ayoub Faouzi Version: MorXAntiRE v1.5 MD5: 372271696bf4a5aab6b5a4a3cf7ae794 Requirements: Windows 32bits Download: This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts