Open darvincisec opened 3 years ago
Hi @darvincisec. Thanks for sharing!
Regarding JDWP, this might be a nice extension to our existing content: https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#jdwp-anti-debugging
Regarding TracerPID, this is already available in the MSTG, but please feel free to review, as I think this section wasn't touched for quite some time: https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#checking-tracerpid
Regarding inotify, it would make sense to add it to our existing table in https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#detection-methods, which lists detection mechanisms.
What do you think? Let us know if you have any questions; you can also reach out to us via OWASP Slack.
Thanks @sushi2k. Regarding anti-memory dump, I don't see a section like Anti-Debug or Anti-Hook. Do you think it would be good to have a section on memory dumps and mention anti-memory dump?
Hi @darvincisec, that would be great as part of the Test Case for MSTG-RESILIENCE-6. If you have some time, please feel free to send us a PR. Thanks a lot and sorry for the late response!
Can you check if some of the below techniques taken from here can be included?