This is Part 3 of the Anti Reverse Engineering Mechanism Series. Here we discuss the FindWindow API and how the check built on it can be bypassed.

https://msdn.microsoft.com/en-us/library/windows/desktop/ms633499(v=vs.85).aspx

This function retrieves a handle to the top-level window whose class name and window name match the specified strings. If a matching window exists, it returns the handle; otherwise it returns NULL.

A tool called WinLister lets you look up the ClassName, Handle, Location, etc. of each window. If you have OllyDbg already running, this is what you would see.

If I start Immunity Debugger and IDA Pro, this is what you would see as well.

To detect these, we can write code like this, which tells if there is a debugger attached or not.

Now let us have a look behind the scenes by loading it in OllyDbg. First we will investigate what is going on inside the FindWindow API, so let us step into the function call. Next we will do investigation insi
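The check described above, written out as an added example (not the original post's code) so an analyst can recognise the pattern in a disassembly. The class names `OLLYDBG` and `ID` are assumptions standing in for the values read from WinLister, and the lookup is passed in as a callback (a hypothetical design choice) so the logic can also be run against a constructed window list.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Lookup callback: non-NULL means a top-level window of this class exists. */
typedef void *(*window_finder)(const char *class_name);

/* Assumed window class names (OllyDbg, Immunity Debugger); not from the page. */
static const char *const DEBUGGER_CLASSES[] = { "OLLYDBG", "ID" };

/* Returns the first class name for which a window is found, or NULL. */
const char *detect_debugger_window(window_finder find)
{
    size_t n = sizeof DEBUGGER_CLASSES / sizeof DEBUGGER_CLASSES[0];
    for (size_t i = 0; i < n; i++) {
        /* Same test the protected program makes: handle vs. NULL. */
        if (find(DEBUGGER_CLASSES[i]) != NULL)
            return DEBUGGER_CLASSES[i];
    }
    return NULL;
}

#ifdef _WIN32
/* Real lookup: window name NULL matches any title for that class. */
static void *real_finder(const char *c) { return (void *)FindWindowA(c, NULL); }
#endif

/* Constructed stand-in: a desktop where an OllyDbg window is open. */
void *fake_desktop_with_olly(const char *class_name)
{
    static int token; /* any non-NULL address plays the role of a handle */
    return strcmp(class_name, "OLLYDBG") == 0 ? (void *)&token : NULL;
}

/* Constructed stand-in: every lookup returns NULL, which is also what the
   program sees once the FindWindow result has been forced to NULL. */
void *fake_desktop_clean(const char *class_name) { (void)class_name; return NULL; }

int main(void)
{
#ifdef _WIN32
    const char *hit = detect_debugger_window(real_finder);
#else
    const char *hit = detect_debugger_window(fake_desktop_with_olly);
#endif
    printf("%s\n", hit ? hit : "no debugger window found");
    return 0;
}
```

The whole decision rests on one comparison of the returned handle against NULL, which is the branch to look for after the call to FindWindow when stepping through the binary.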