Description

Software breakpoints are breakpoints which are set by modifying the code at the target address, replacing it with a byte value 0xCC (INT3 / Breakpoint Interrupt).

Some programs can count the number of 0xCC (INT3) bytes in between two functions to determine whether the program is being debugged.

Here is an example of such a detection:

Overcome software breakpoint detection

To overcome the software breakpoint detection, you can use hardware breakpoints instead.

Comments