CALVIS32: Customizable assembly language visualizer and simulator for intel x86-32 architecture

Alcalde, Jennica Grace; Chua, Goodwin; Demabildo, Ivan Marlowe; Ong, Marielle Ashley; Uy, Roger Luis

doi:10.1109/tencon.2016.7847992

Cited by 2 publications

(1 citation statement)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The fs segment register can access the Process Environment Block (PEB) at fs: [30]. On an x86 [8] computer, this register corresponds to a Thread Information Block (TIB).There is also a flag below the Process Environment Block (PEB) that indicates whether the first memory space of the process was created in debug mode. Provide an offset of 0x18 in the Process Environment Bloc (PEB).…”

Section: Introductionmentioning

confidence: 99%

The Study of the Anti-Debugging Techniques and their Mitigations

Saad

Taseer

2022

IJECI

View full text Add to dashboard Cite

The major goal of this study is to provide anti-debugging and anti-reversing strategies/techniques employed by executables, DLLs, and packers/protectors, as well as to examine strategies that can be utilized to bypass or disable these protections. Anti-debugging techniques are designed to make sure that a program is not being executed inside a debugger. In most cases, the anti-debugging process slows down the reverse engineering process but doesn't stop it. This information will allow malware analysts and researchers to identify the techniques used by the malware. This information may also be used by security researchers, and reverse engineers who want to slow down the process of reverse engineering in order to add security to their software. It causes some difficulties for a reverse engineer, but, of course, nothing stops a skilled, knowledgeable, and committed reverse engineer.

show abstract

Section: Introductionmentioning

confidence: 99%