XAntiDebug
XAntiDebug copied to clipboard
Several suggestions
I have some suggestions, would be nice to implement:
- Don't call RtlGetVersion, use ASM and load PEB into RAX
- Don't call get usermode functions... find a way to direct syscall or something (maybe edit wow64ext function X64Call and put in call SYSCALL ?)
- Use RtlComputeCrc32 instead of that class ?
- ldasm can throw exception, find a way to catch all and do another operation ?
That's all for now, let me know what you think.