How to monitor the machine whether have caught the behavior of the program is running.-CodePudding

Here caught program is not specific,
Refers to the program has caught behavior. Both developed and ready-made online.

Also can say how can you catch caught operation?
Although I know that prevent caught, but I hope to be able to detect

Temporarily suspended. Hope has the search did not find the network ideas and solutions.

CodePudding user response:

As you stand in the street wants to know who is the thief, you know

CodePudding user response:

reference 1st floor taoguangye response:

just like standing on the street I hope you know what a man is a thief, you know

Well, so want to consult you catch the thief.

CodePudding user response:

Advise the landlord don't spend and waste your limited life infinite encryption to decrypt dead loop!
How do you know your code isn't run in the virtual machine?
How do you know The real world is not run in The Matrix?

"The matrix" fully _ _ knowledge base blog garden
In the "the matrix" zion is a virtual world _ _ knowledge base blog garden

CodePudding user response:

reference zhao4zhong1 reply: 3/f

advise the landlord don't spend and waste your limited life infinite encryption to decrypt dead loop!
How do you know your code isn't run in the virtual machine?
How do you know The real world is not run in The Matrix?

"The matrix" fully _ _ knowledge base blog garden
In the "the matrix" zion is a virtual world _ _ knowledge base blog garden

Well you're right but this will increase the difficulty of crack and do some preventive work?

CodePudding user response:

I think 1st floor metaphor is very appropriate, but if get caught principle, for example, an API HOOK, if can be detected by the hooks, it shows that there is a problem, but on the whole, personal feel caught it is better to strengthen the encryption more affordable,

CodePudding user response:

Ok, as long as you have money, you can buy a set of people don't like 360 active defense source engine, your program immediately, tall,

CodePudding user response:

refer to 6th floor caozhy response:

ok, as long as you have money, you can buy a set of people don't like 360 active defense of the source code of the engine, you are immediately on the tall,

What you said is a little inspiration, thank you, let me know first

CodePudding user response:

I have seen a program, like to see how it caught with server exchange parameters, the results of several mainstream caught tools just a start monitoring it is killed, a specific program, don't know whether I didn't test carefully, the original poster can put some of the mainstream caught under the tools of statistical and for processing, them all as "virus", continuously upgrade to enrich your future "virus"

CodePudding user response:

refer to the eighth floor sysdzw response:

I've seen a program, like to see how it caught with server exchange parameters, the results of several mainstream caught tools just a start monitoring it is killed, a specific program, don't know if it didn't careful testing, the original poster can put some of the mainstream caught under the tools of statistical and for processing, them all as "virus", continuously upgrade to enrich your future "virus"

Thank you provide train of thought, grope for it.

CodePudding user response:

Can monitor the process. In addition, caught software runs normally have wincap. The original poster can do some research in this area.

CodePudding user response:

Have built with logic analyzer which software can find I am caught on the Internet? !