Skip to content

CRYBOII/buggi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
obfuscated
obfuscated
 
 
README.md
README.md
 
 
buggi.png
buggi.png
 
 
buggi_test.go
buggi_test.go
 
 
checker.go
checker.go
 
 
core.go
core.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
uTln8gs.gif
uTln8gs.gif
 
 

Repository files navigation

Buggi - simple golang anti debugger & anti http debugging

kill

A simple golang package that will make a crackers feel more harder to reverse engineering your program, (for window os)

What is Anti-Debugging

Anti-Debugging techniques are meant to ensure that a program is not running under a debugger ,

and in the case that it is, to change its behavior correspondingly.

In most cases, the Anti-Debugging process will slow down the process of reverse engineering,

but will not prevent it deepinstinct

INSTALL

go get github.com/CRYBOII/buggi

USAGE

SimpleRun - simply implement this function will close program immediately when debuggers are detected

package main

import (
	"github.com/CRYBOII/buggi"

	"bufio"
	"os"
)

func main() {
       // Interval every 2 second
	buggi.SimpleRun(2)
	input := bufio.NewScanner(os.Stdin)
	input.Scan()
}

DetectAndClose - close program immediately when debuggers are detected

package main

import (
    "time"
    "github.com/CRYBOII/buggi"

)
func main() {
    // make a new tricker to invoke,and sent package to channel every 1 second (interval)
	ticker := time.NewTicker(1 * time.Second)
    // quit channel in the case you want to exist loop in goroutine function
	quit := make(chan struct{})
	go func() {
		for {
			select {
			case <-ticker.C:
                // use buggi fucntion when debugger is detected your program will close immediately 
				buggi.DetectAndClose()
			case <-quit:
				ticker.Stop()
				return
			}
		}
	}()

}

DetectAndReturn - return a name of debugger program as a string

// this will return a debugger name as a string type,if debugger program is opening
debugger := buggi.DetectAndReturn()

if debugger != "" {
// implement your own logic here
fmt.Printlh(debugger)
}

RUN TEST

when package are intstalled you can create a dummy test project

main.go

package main

import (
	"time"

	"github.com/CRYBOII/buggi"
)

func main() {
	ticker := time.NewTicker(2 * time.Second)
	quit := make(chan struct{})
	go func() {
		for {
			select {
			case <-ticker.C:
				buggi.HeartbeatCheckingTest()
			case <-quit:
				ticker.Stop()
				return
			}
		}
	}()
	<-quit
}


go run main.go

then you can try to open some debugger tools

List of debugger that can be detect

BurpSuite,BurpSuiteFree,Charles,dumpcap,Fiddler,httpsMon,httpwatchstudiox64,mitmdump,mitmweb,NetworkMiner,Proxifier,rpcapd,smsniff,tshark,WinDump,Wireshark,WSockExpert,x96dbg,ollydbg,ida64,idag,idag64,idaw,idaw64,idaq,idaq64,idau,idau64,scylla_x64,scylla_x86,protection_id,windbg,reshacker,ImportREC,IMMUNITYDEBUGGER,HTTPDebuggerUI,HTTPDebuggerSvc,Debugger,OLLYDBG,ida,disassembly,scylla,Debug,CPU,Immunity,WinDbg,x32dbg,x64dbg,reconstructor,MegaDumper

antidebug

NOTE !!

anyways this method can be bypass by change a debugger program executable name

MIT License

Copyright (c) 2021 CRYBOII

About

Golang Simple Anti Debugger & Anti Http Debugger

Topics

golang security obfuscation reverse-engineering cracking golang-package excutables protected antidebugging antidebug

Resources

Readme
Activity

Stars

20 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy