I've had several readers ask me about weizman/awesome-javascript-anti-debugging recently, so I decided to write a comprehensive article about it.

Found this helpful? Share it with your team and leave a comment below!

正文

Curated list of Javascript Anti Debugging techniques

When it comes to Web Security there is a wide range of different aspects to it.

The most discussed aspect is the different types of security breaches, such as XSS, CSRF and more.

Javascript Anti Debugging on the other hand is an aspect that is not disscued enough, but might have a large potential impact when it comes to attacking and defending in the web security world.

repo before contributing - we follow similar guidelines here!

What Is Browser Anti Debugging? Chromium Devtools Scope Pane

Anti Debugging techniques allow attackers to tell whether their malicious code is being inspected or not when is executed within the browser.

The idea is to use the tools given by the browser (which is simply javascript in most cases) to understand whether the website's source code is being inspected and/or debugged in any way, and to take different actions based on the result.

Usually, these techniques are used by attackers to hide their malicious activity and protect their code from being uncovered.

Meaning, attackers can protect their code using anti debugging techniques, that when find that the code is being inspected stop the attack instead of completing it. Chromium Devtools Scope Pane Chromium Shadow Root Abuse

More Details

There are a few more points worth noting. First, browser compatibility varies across different browsers. Second, performance optimization is crucial when handling large amounts of data. Finally, key management is also an important consideration.

That's all for this comprehensive guide. I hope you found it helpful! Feel free to leave comments if you have questions.

Reference: weizman/awesome-javascript-anti-debugging - GitHub