CLR Anti-Debugger/Profiler Code Logo

CLR Anti-Debugger/Profiler Code

0
Free
Visit Website

This code utilizes undocumented features of Microsoft's CLR to prevent managed debuggers/profilers from working. It may not be effective in future CLR versions and could potentially lead to unexpected behaviors. Tested on various versions of CLR including 2.0, 3.5, 4.0, and 4.5. Includes test executables for different CLR versions and architectures. Users can experiment with attaching managed debuggers/profilers like Visual Studio's .NET debugger and CLR Profiler.

FEATURES

ALTERNATIVES

Multi-cloud antivirus scanning API with CLAMAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.

Checksec is a bash script to check the properties of executables like PIE, RELRO, Canaries, ASLR, Fortify Source.

Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.

Malware sandbox for executing malicious files in an isolated environment with advanced features.

Yaraprocessor allows for scanning data streams in unique ways and dynamic scanning of payloads from network packet captures.

A Yara ruleset for detecting PHP shells and other webserver malware.

A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.