pwndbg
CyberChef
Our great sponsors
pwndbg | CyberChef | |
---|---|---|
9 | 286 | |
6,667 | 25,384 | |
3.3% | 3.8% | |
9.5 | 8.8 | |
5 days ago | 5 days ago | |
Python | JavaScript | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pwndbg
-
Any tips for newish C debugging please.
By far the best debugger for C is gdb+pwndbg (https://github.com/pwndbg/pwndbg)
- Need help installing pwndbg on Kali Linux
-
Hacked GDB Dashboard Puts It All on Display
There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):
GEF: https://gef.readthedocs.io/en/master/
PWNDBG: https://github.com/pwndbg/pwndbg
PEDA: https://github.com/longld/peda
They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.
-
Debugging with GDB
GDB is great. I definitely recommend checking out watchpoints as well, a very useful tool for monitoring how a variable changes over time.
GDB also has many good plugins - pwndbg has tons of features and UI improvements over stock GDB.
-
Making GDB Easier: The TUI Interface
I've recently started a new semester for my Master's program, and the first project for the semester involves using the GDB tool (GNU Debugger) to analyze a stack on a simple C program that contains a buffer overflow vulnerability. A couple of semesters ago, I had been given a VM pre-loaded with a more featured debugger tool called pwndbg. Pwndbg was excellent because it was easy to use and easily allowed accessed to information such as current assembly code being executed and a view of the program registers. So, going back to using GDB felt a little like stepping back into the stone age.
-
Awesome CTF : Top Learning Resource Labs
Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
- Trouble downloading pwndbg
-
Problem in downloading pwndbg
i have peda installed on my gdb and now i am trying to install pwndbg with git clone https://github.com/pwndbg/pwndbg cd pwndbg ./setup.sh
CyberChef
-
PicoCTF 2024: packer
Then we take the encrypted text and use CyberChef to decrypt it.
-
Unbreakable 2024: secrets-of-winter
Let's go to CyberChef and insert our pieces of evidence.
-
YouTube: Google has found a way to break Invidious
A parameter was changed from '2AMBCgIQBg' to 'CgIIAdgDAQ%3D%3D' which is just the correct base64 encoding they should have been using the entire time.
I don't think this was a hostile action by Google, I think someone just added better input validation for security reasons and it accidently broke the bad requests they were sending.
https://gchq.github.io/CyberChef/#recipe=URL_Decode()From_Ba...
-
PicoCTF 2024- CanYouSee
❗This is indeed the flag, but the text is encrypted with Base64. Usually, the presence of padding character "=" indicates that's Base64 type of encoding (but that's only one of the hints). To decrypt it, we can use CyberChef. Copy-paste the text and we either:
-
CyberChef VS DevToolboxWeb - a user suggested alternative
2 projects | 6 Feb 2024
-
CyberChef from GCHQ: The Cyber Swiss Army Knife
It uses a combination of magic bytes (like the `file` command), entropy analysis and character frequency detection to determine whether an output is likely to be of interest to the user.
The file type mechanism is written here[0]. There's a list of all signatures we detect here[1].
[0] https://github.com/gchq/CyberChef/blob/master/src/core/lib/F...
- Show HN: File Hider
- UK GCHQ's CyberChef
-
Lets try this again. Got a code for you to break.
I think this can be deciphered using CyberChef...
- CyberChef is a useful tool for decoding information.
What are some alternatives?
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
QR-Code-generator - High-quality QR Code generator library in Java, TypeScript/JavaScript, Python, Rust, C++, C.
peda - PEDA - Python Exploit Development Assistance for GDB
CapRover - Scalable PaaS (automated Docker+nginx) - aka Heroku on Steroids
pwntools - CTF framework and exploit development library
py4e - Web site for www.py4e.com and source to the Python 3.0 textbook
gdb-dashboard - Modular visual interface for GDB in Python
cyberchef-recipes - A list of cyber-chef recipes and curated links
one_gadget - The best tool for finding one gadget RCE in libc.so.6
Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
voltron - A hacky debugger UI for hackers
Monica - Personal CRM. Remember everything about your friends, family and business relationships.