MASVS v1 MSTG-RESILIENCE-2
MASVS v2 MASVS-RESILIENCE-4
Testing Anti-Debugging Detection
In order to test for anti-debugging detection you can try to attach a debugger to the app and see what happens.
The app should respond in some way. For example by:
- Alerting the user and asking for accepting liability.
- Preventing execution by gracefully terminating.
- Securely wiping any sensitive data stored on the device.
- Reporting to a backend server, e.g, for fraud detection.
Try to hook or reverse engineer the app using the methods from section "Anti-Debugging Detection".
Next, work on bypassing the detection and answer the following questions:
- Can the mechanisms be bypassed trivially (e.g., by hooking a single API function)?
- How difficult is identifying the detection code via static and dynamic analysis?
- Did you need to write custom code to disable the defenses? How much time did you need?
- What is your assessment of the difficulty of bypassing the mechanisms?