1. Prevent inverse Algorithms
2. defense against static analysis
A. Flower instruction B. SMC (self-modifying code) C. Information Hiding D. Simple polymorphism Deformation Technology
3. File integrity test
Disk File verification, inspection, and memory image Verification
4. Code and Data Integration Technology
Make the. Text block writable: A. loadpe/prodump changes the block attribute to e0000020h B. virtualprotect to modify the memory read/write attribute
Note:
1. Develop your own protection mechanism as much as possible. Do not rely too much on any code that is not developed by yourself. Core code available in vmprotect
2. Do not rely too much on shell protection
3. added the software integrity check.
4. Software Encryption-related strings cannot be directly stored in executable files in plain text.
5. The registration code and installation time are recorded in different places