I am trying to implement some basic debugging features in my application. One area that I wanted to focus on, in particular, was to prevent people from using the useful memory dump from my application easily. I read the article:
http://www.codeproject.com/KB/security/AntiReverseEngineering.aspx
and this gave me a lot of advice on how to determine if a debugger is present, as well as some information on how I can prevent memory dumps. But the author notes that you need to be careful in using these methods, such as removing the executable header in memory. He mentions that there may be times when the OS or other programs may want to use this information, but I don’t see for what purpose.
Does anyone have any other tips on how I can stop reverse engineers from dropping my program?
I am on Windows.
Yours faithfully,
Philip Bennefall