Question 1

How does Antinet stop Visual Studio debugger from working?

Accepted Answer

Antinet kills the .NET debugger thread (DebuggerRCThread) by clearing its keep-looping field and signaling its event, preventing managed debuggers from receiving debug messages. It also manipulates the debugger IPC block to block attachments, as explained in the technical details.

Question 2

Will Antinet work with .NET Core or .NET 5?

Accepted Answer

No, Antinet is tested only up to CLR 4.0 (.NET Framework 4.5) and relies on undocumented internals specific to those versions. Newer .NET Core or .NET 5+ runtimes use different CLR implementations, so it's unlikely to be compatible without significant updates.

Question 3

Antinet vs ConfuserEx: which is better for obfuscation?

Accepted Answer

Antinet focuses on low-level anti-debugging and anti-profiling by disrupting CLR operations, while ConfuserEx is a broader obfuscator that includes code transformation and encryption. Antinet is more specialized for runtime protection but doesn't obfuscate code; choose based on whether you need debugging prevention or code obfuscation.

Question 4

How to integrate Antinet into a .NET application?

Accepted Answer

Integrate by including the library and initializing its anti-debugger and anti-profiler code early in your application, such as in the Main method. Test with the provided executables to verify it blocks managed debuggers and profilers as described in the README's test instructions.

Question 5

Can Antinet be bypassed by non-managed debuggers?

Accepted Answer

Yes, Antinet does not prevent non-managed debuggers like WinDbg from attaching, as stated in the README. However, these debuggers have limited ability to debug managed code effectively, making them less practical for detailed analysis of .NET applications.

Question 6

What happens if a profiler is already attached when Antinet runs?

Accepted Answer

Antinet checks CLR profiler status flags and blocks further events, but if a profiler is already attached, it won't kill it. The README recommends exiting the program if a profiler is detected to avoid potential issues with ongoing profiling.

antinet

What is antinet?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions