Excellent video. A tip for those who want to "automate" the skip so you don't have to change the IP every time. Check the function out and if it is just calling NtSetInformationThread or some other anti-debug code and it doesn't contain important malware code (which it usually doesn't since it is isolated anti-debug function) you can simply NOP the whole call and skip over that check every time you restart the exe\dll in the debugger.

I never thought about using graph view while using x64 lol As always, your vids are the best.

this is amazing... nice work. thanks for sharing.

Amazing content! Please do more videos Reverse engineering context! thank you.

Brilliant as always!

Excellent video

Thank you for this Good turtorial :)

features ! love them all 🚩❤

What would be the approach when the exe reproduces itself and its threads (like in process explore you can see 6times the same process)

Thanks Teacher, have you considered writing a book about reversing?

Couldn't you have inserted a jump instead of the push 0?

Almost the same trick, as Enigma does to detach from the debugger. However, if I remember correctly, Enigma uses ZwSetInformationThread instead

May I ask you to make a video about Software Nanomites?)

Thanks for making these videos free, I love them! Have u considered making a video analyzing the ransomware as a whole? D:

Can this method remove the x63dbg (32bit) virus???

hello, is there someone sleeping while you record? there is background voice.. like snoring ... just sayn

Where is the part II?

I think i want to marry this man