Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hiatus/adbg
Linux anti-debugging techniques.
https://github.com/hiatus/adbg
anti-debugging debugging gdb radare2
Last synced: 13 days ago
JSON representation
Linux anti-debugging techniques.
- Host: GitHub
- URL: https://github.com/hiatus/adbg
- Owner: hiatus
- Created: 2022-06-07T18:34:13.000Z (about 2 years ago)
- Default Branch: master
- Last Pushed: 2023-04-30T16:23:33.000Z (about 1 year ago)
- Last Synced: 2024-02-29T00:40:13.370Z (4 months ago)
- Topics: anti-debugging, debugging, gdb, radare2
- Language: C
- Homepage:
- Size: 6.84 KB
- Stars: 5
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Lists
- awesome-game-security - Linux anti-debugging techniques
README
adbg
====
Linux anti-debugging techniques.
Techniques
----------
- `adbg_check_ldpreload`: detect LD_PRELOAD techniques
- `adbg_check_gdb`: detect GDB fingerprints
- `adbg_check_parent`: detect debugging tools via procfs
- `adbg_check_sigtrap`: detect SIGTRAP handling
- `adbg_check_ptrace`: check if the current process has a tracer
Testing
-------
The test routine simply returns from `adbg_check_all()`, which wraps all functions. To enable debugging messages of failed tests, pass `-DDEBUG` to the compiler.
- Build the test binary `adbg-test` with `make` and run it using different debugging tools such as `strace`, `gdb`, `radare2`, etc. If the process returns 1, debugging behaviour was detected.