Linux Process Evasion: ptrace & prctl
Stop analysts in their tracks. Learn how to leverage PTRACE_TRACEME and PR_SET_DUMPABLE syscalls to harden your agents against debuggers and memory acquisition.
Stop analysts in their tracks. Learn how to leverage PTRACE_TRACEME and PR_SET_DUMPABLE syscalls to harden your agents against debuggers and memory acquisition.