
I don't know reverse engineering. But I guess the ultimate solution would be running a custom OS to fake ptrace results at the kernel level?


You can just use LD_PRELOAD to load your own version of ptrace. Not as stealthy though.


Another way is to load an eBPF program or kernel module for this purpose.



