Search Evasion Techniques

Names, Techniques, Definitions, Keywords

Search Result

1 item(s) found so far for this keyword.

Heap Flag Anti-Debugging

ProcessHeap is located at 0x18 in the PEB structure. This first heap contains a header with fields used to tell the kernel whether the heap was created within a debugger. These are known as the ForceFlags and Flags fields.

Read More