Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Simple .cpp file to protect the program from a debugger

open-source x86/x64 usermode anti-anti-debug plugin

x64dbg plugin which removes anti-dumping and obfuscation techniques from the popular FPS game Overwatch.

Program/Library for Python created to protect your code from decompilation and detection by antiviruses

WinRasp is a RASP(Runtime Application Slef Protection) solution for Windows. It can help customer to detect and remove the threats while the target application is at runtime. It can be used to protect registry, file, and process object.

Kernel Anit Anit Debug Plugins 内核反反调试插件

A bunch of Windows anti-debugging tricks for x86 and x64.

String and memory handling functions based around the Spectre misfeature

Python obfuscator & anti-debugging protector

Various .NET Anti-Debug and Anti-VM techniques

Simple short demonstration of TLS in windows

KWorld is a kernel driver for removing the anti-debugging technique ThreadHideFromDebugger from processes.

Access without a real handle

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology

SecLib is a simple header-only library that checks all running processes for certain identifiers.