| gef | fibratus |
|---|---|
| 15 | 46 |
| 6,499 | 2,076 |
| - | - |
| 8.4 | 8.9 |
| 4 days ago | 6 days ago |
| Python | Go |
| MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gef
- Beej's Quick Guide to GDB (2009)
There is also GEF, which is widely used by the reverse engineering and CTF community.
https://github.com/hugsy/gef
- How do you use gdb without the tui? Are there advantages? Or just describe your GDB workflow.
If you are on Linux, install GEF and be happy.
- TF2 on Linux is running incredibly poorly, reporting 1200%+ CPU usage. Steam also appears to have some sort of memleak and infinite loop/callback going on leading to absurd CPU usage over time.
- Any good and easy-to-use C debuggers?
If you are on Linux, I recommend none of them (haha) because you should get more used to GDB a little bit. You just need to install some good visualizers like GEF, for example.
- Emulating an emulator inside itself. Meet Blink
- Are there any cpu emulators that could help me learn i386 assembly?
https://github.com/hugsy/gef, https://hugsy.github.io/gef/, https://hugsy.github.io/gef/commands/context/ ("Values in red indicate that this register has had its value changed since the last time execution stopped.")
- What plugins do you recommend for ExploitDev or RE and why?
- Awesome TUI tools
- Fully Dockerized Linux kernel debugging environment
The attached debugger is not just raw GDB but is using https://hugsy.github.io/gef/ to make debugging less of a pain. It's still not perfect but helps plenty already.
- Debugging with GDB
I still struggle with GDB but my excuse is that I seldom use it.
When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)
I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).
https://github.com/hugsy/gef
LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom
fibratus
- Announcing Fibratus 2.0.0
- Announcing Fibratus 1.10.0 - a modern Windows kernel tracing and threat detection engine
I'm thrilled to announce the availability of Fibratus 1.10.0. This release brings a set of interesting features, such as the Yara function for combining signature and behavior-based detections, expanded detection rules catalog, native grammar for sequence rules, etc.
- Fibratus 1.10.0 - a modern Windows kernel tracing and threat detection engine built in Go
I'm happy to announce the availability of Fibratus 1.10.0. Fibratus aims at providing a high-performance engine for capturing Windows system events and asserting them against a ruleset for the purpose of detecting the adversary kill chain. All rules are built on top of the prominent MITRE security framework.
- Release v1.10.0 · Fibratus
- Announcing fibratus 1.10.0 - a modern Windows kernel tracing and threat detection engine
- Announcing Fibratus 1.8.0 - a modern tool for Windows kernel tracing with a focus on security
- Fibratus - a modern tool for Windows kernel tracing with a focus on threat detection and prevention
You can check the full changelog here.
- Fibratus: Open-source threat detection and prevention solution
What are some alternatives?
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
androguard - Reverse engineering and pentesting for Android applications
peda - PEDA - Python Exploit Development Assistance for GDB
space-cloud - Open source Firebase + Heroku to develop, scale and secure serverless apps on Kubernetes
gdb-dashboard - Modular visual interface for GDB in Python
go-financial - A go port of numpy-financial functions and more.
lldb-mi - LLDB's machine interface driver
Project-Lightspeed - A self contained OBS -> FTL -> WebRTC live streaming server. Comprised of 3 parts once configured anyone can achieve sub-second OBS to the browser livestreaming
radare2 - UNIX-like reverse engineering framework and command-line toolset [Moved to: https://github.com/radareorg/radare2]
OpenDiablo2 - An open source re-implementation of Diablo 2
edb-debugger - edb is a cross-platform AArch32/x86/x86-64 debugger.
core - Backend server API handling user mgmt, database, storage and real-time component