[Edited: The technique discussed in this diary is not mine and has been used without proper citation of the original author]
I published the following diary on isc.sans.edu: “Locking Kernel32.dll As Anti-Debugging Technique”:
For bad guys, implementing techniques that prevent security analysts from doing their job is key! The idea is to make our lives more difficult (read: “frustrating”). There are plenty of techniques that can be implemented, but it’s an ever-ongoing process. Note that this topic is covered in the SANS FOR610 training.
An anti-debugging technique is based on the following steps…