Can you pass dynamic anti-debugging, such as timecheck, 0xCC detection? - Githubissues

Air14 / HyperHide

Hypervisor based anti anti debug plugin for x64dbg

MIT License

1.23k stars 279 forks source link

Can you pass dynamic anti-debugging, such as timecheck, 0xCC detection? #22

Closed wc2411888 closed 2 years ago

wc2411888 commented 2 years ago

Can you pass dynamic anti-debugging, such as timecheck, 0xCC detection?

Air14 commented 2 years ago

Timecheck will pass unless rdtsc/rdtscp is used, and for 0xCC there is currently no mechanism to hide them, so eventually you can use hardware breakpoints which will not be detected.