Reverse engineering Hide code behind GCC constructors
Interesting technique to hide code from IDA Pro before the main function by (ab)using GCC constructors. More information about how to detect this technique and similar ones here: The second part of the video is a quick introduction to the GNU Debugger, GDB. Although there is not that much Linux malware, this technique is definitely something to be aware of.

Tools: IDA Pro, GDB Debugger, gdbinit, Vim

References: gdbinit man page
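A minimal illustration of the mechanism the video describes, added here as a constructed example (not code from the video): two GCC constructors run before main(), in priority order, so an analyst who starts reading at main() never sees them; the comments note where a defender finds them (the .init_array section, or by breaking at the ELF entry point in GDB before main).

```c
#include <stdio.h>
#include <string.h>

/* State filled in by the constructors before main() starts. */
static int  ran_before_main = 0;  /* set by any constructor            */
static int  call_count      = 0;  /* how many constructors ran         */
static int  main_started    = 0;  /* set by main(), read by constructors */
static int  saw_main_started = -1; /* what the first constructor saw   */
static char order[8];             /* execution order, one char each    */
static int  order_len = 0;

static void record(char tag) {
    if (order_len < (int)sizeof(order) - 1) {
        order[order_len++] = tag;
        order[order_len] = '\0';
    }
}

/* Lower priority number runs first; 0-100 are reserved by GCC/glibc.
 * Both functions are placed in .init_array and called by the dynamic
 * loader/libc start-up code, not by main(). */
__attribute__((constructor(101)))
static void early_first(void) {
    saw_main_started = main_started;   /* expected: 0 (main not yet run) */
    ran_before_main = 1;
    call_count++;
    record('1');
}

__attribute__((constructor(102)))
static void early_second(void) {
    call_count++;
    record('2');
}

/* Accessors so the behaviour can be checked from outside this file. */
int         constructor_ran(void)         { return ran_before_main; }
int         constructor_calls(void)       { return call_count; }
int         constructor_saw_main(void)    { return saw_main_started; }
const char *constructor_order(void)       { return order; }

/* Defender's view: `readelf -S ./a.out | grep init_array` or
 * `objdump -s -j .init_array ./a.out` lists the function pointers;
 * in GDB, `starti` stops at the entry point, before these run,
 * and `info functions early_` shows them when symbols are present. */
int main(void) {
    main_started = 1;
    printf("constructors ran before main: %s, order=%s\n",
           ran_before_main ? "yes" : "no", order);
    return 0;
}
```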