Bypassing AV detection got really hard in the last couple of years. It's still an enjoyable field if you're interested in IT security or coding at all, since you learn how AVs operate themselves and how they use the Windows API too. Also, if you're a coder (doesn't matter which side you are on), it's a fantastic long-term challenge to always find a way either to detect malware or to make your (or your customers') malware undetectable for AVs.
Finding 'Anti-Detection' methods was one of the most interesting fields I ever came across - even back when I had like zero coding skills - and I still love to read articles and documentation about it.
The code in the pictures shows a 'simple' method which points a pointer at the BeingDebugged byte in the PEB (Process Environment Block), checks there whether a debugger is present, and loops over it until an overflow occurs, triggering an exception that (force) closes the process.
Don't worry, AVs won't fall for something like that anymore; you still need to find ways to obfuscate the code, add junk code or something else to distract the engine. I will link the text in the description down below, so you can read the whole article - where I got this code snippet from - and hopefully learn something.
What are you up to? Any project? I'm still working on my little portscanner, but work takes so much time at the moment.
cu
#coding #programming #programmer #developer #coder #code #computerscience #technology #python #software #softwaredeveloper #tech #computer #linux #programmers #development #geek #softwareengineering #dev #CodeNeurs #programmerrepublic #malware #itsec #itsecurity #asm #assembly