CRYBOII/buggi
A simple Go package that makes it harder for crackers to reverse engineer your program (Windows only).
Anti-Debugging techniques are meant to ensure that a program is not running under a debugger,
and in the case that it is, to change its behavior correspondingly.
In most cases, the Anti-Debugging process will slow down the process of reverse engineering,
but will not prevent it. (deepinstinct)
```sh
go get github.com/CRYBOII/buggi
```
SimpleRun - calling this function closes the program immediately when a debugger is detected.

```go
package main

import (
	"bufio"
	"os"

	"github.com/CRYBOII/buggi"
)

func main() {
	// Check at an interval of 2 seconds.
	buggi.SimpleRun(2)
	// Wait for a line on stdin so the program keeps running.
	input := bufio.NewScanner(os.Stdin)
	input.Scan()
}
```
```go
package main

import (
	"time"

	"github.com/CRYBOII/buggi"
)

func main() {
	// Create a new ticker that sends on its channel every 1 second (the interval).
	ticker := time.NewTicker(1 * time.Second)
	// quit channel, in case you want to exit the loop in the goroutine.
	quit := make(chan struct{})
	go func() {
		for {
			select {
			case <-ticker.C:
				// When a debugger is detected, your program closes immediately.
				buggi.DetectAndClose()
			case <-quit:
				ticker.Stop()
				return
			}
		}
	}()
	// Block so main does not return before the goroutine runs.
	<-quit
}
```
```go
// Returns the debugger's name as a string if a debugger program is open
// (this fragment needs the "fmt" import).
debugger := buggi.DetectAndReturn()
if debugger != "" {
	// implement your own logic here
	fmt.Println(debugger)
}
```
Once the package is installed, you can create a dummy test project.
main.go
```go
package main

import (
	"time"

	"github.com/CRYBOII/buggi"
)

func main() {
	ticker := time.NewTicker(2 * time.Second)
	quit := make(chan struct{})
	go func() {
		for {
			select {
			case <-ticker.C:
				buggi.HeartbeatCheckingTest()
			case <-quit:
				ticker.Stop()
				return
			}
		}
	}()
	<-quit
}
```
```sh
go run main.go
```
Then try opening one of these debugger tools:
BurpSuite,BurpSuiteFree,Charles,dumpcap,Fiddler,httpsMon,httpwatchstudiox64,mitmdump,mitmweb,NetworkMiner,Proxifier,rpcapd,smsniff,tshark,WinDump,Wireshark,WSockExpert,x96dbg,ollydbg,ida64,idag,idag64,idaw,idaw64,idaq,idaq64,idau,idau64,scylla_x64,scylla_x86,protection_id,windbg,reshacker,ImportREC,IMMUNITYDEBUGGER,HTTPDebuggerUI,HTTPDebuggerSvc,Debugger,OLLYDBG,ida,disassembly,scylla,Debug,CPU,Immunity,WinDbg,x32dbg,x64dbg,reconstructor,MegaDumper
Note that this method can be bypassed by changing the debugger program's executable name.
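The limitation noted above, as an added example that is not code from the buggi package: it matches a constructed process list against a subset of the names listed in this README. The functions `normalize` and `matchBlocklist`, the sample paths, and the assumption that detection compares process names are illustrative.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// blocklist is a small subset of the tool names listed in this README.
var blocklist = []string{"Wireshark", "x64dbg", "ollydbg", "ida64", "Fiddler"}

// normalize reduces an image path such as `C:\Tools\X64DBG.EXE` to "x64dbg".
func normalize(image string) string {
	image = strings.ReplaceAll(image, `\`, "/") // accept Windows separators on any OS
	base := strings.ToLower(path.Base(image))
	return strings.TrimSuffix(base, ".exe")
}

// matchBlocklist returns the blocklist entry for the first process whose
// normalized name is on the list, or "" when none matches.
func matchBlocklist(processes []string) string {
	known := make(map[string]string, len(blocklist))
	for _, name := range blocklist {
		known[strings.ToLower(name)] = name
	}
	for _, p := range processes {
		if name, ok := known[normalize(p)]; ok {
			return name
		}
	}
	return ""
}

func main() {
	// Constructed process snapshots, not output from a real machine.
	normal := []string{`C:\Windows\explorer.exe`, `C:\Tools\X64DBG.EXE`}
	renamed := []string{`C:\Windows\explorer.exe`, `C:\Tools\notes.exe`}
	fmt.Printf("normal:  %q\n", matchBlocklist(normal))
	fmt.Printf("renamed: %q\n", matchBlocklist(renamed))
}
```

A name check of this kind only sees the file name of the running image, so it should be treated as one signal among several rather than as a guarantee.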
MIT License
Copyright (c) 2021 CRYBOII