2015年12月18日

反调试方法二 - 抢占ptrace

The ptrace() system call provides a means by which one process (the”tracer”) may observe and control the execution of another process(the “tracee”), and examine and change the tracee’s memory andregisters. It is primarily used to implement breakpoint debugging and system call tracing.

帮助文档online.


1%