anti-java-agent

anti-java-agent copied to clipboard

anti-java-agent

This is a basic example of preventing instrumentation via attaching a Java Agent. This can be bypassed pretty easily but should still prevent the skids.

How does it work?

It works by loading our own class, which is a fake of Sun's Java side JPLIS implementation. Now, to make sure we always create that class we need to make sure no one is loading an agent at the start, so we check the VM options before we load our class.