pwndbg
flare-vm
Our great sponsors
| pwndbg | flare-vm | |
|---|---|---|
| 9 | 23 | |
| 6,667 | 5,808 | |
| 3.3% | 3.0% | |
| 9.5 | 8.0 | |
| 5 days ago | 8 days ago | |
| Python | PowerShell | |
| MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pwndbg
-
Any tips for newish C debugging please.
By far the best debugger for C is gdb+pwndbg (https://github.com/pwndbg/pwndbg)
- Need help installing pwndbg on Kali Linux
-
Hacked GDB Dashboard Puts It All on Display
There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):
GEF: https://gef.readthedocs.io/en/master/
PWNDBG: https://github.com/pwndbg/pwndbg
PEDA: https://github.com/longld/peda
They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.
-
Debugging with GDB
GDB is great. I definitely recommend checking out watchpoints as well, a very useful tool for monitoring how a variable changes over time.
GDB also has many good plugins - pwndbg has tons of features and UI improvements over stock GDB.
-
Making GDB Easier: The TUI Interface
I've recently started a new semester for my Master's program, and the first project for the semester involves using the GDB tool (GNU Debugger) to analyze a stack on a simple C program that contains a buffer overflow vulnerability. A couple of semesters ago, I had been given a VM pre-loaded with a more featured debugger tool called pwndbg. Pwndbg was excellent because it was easy to use and easily allowed accessed to information such as current assembly code being executed and a view of the program registers. So, going back to using GDB felt a little like stepping back into the stone age.
-
Awesome CTF : Top Learning Resource Labs
Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
- Trouble downloading pwndbg
-
Problem in downloading pwndbg
i have peda installed on my gdb and now i am trying to install pwndbg with git clone https://github.com/pwndbg/pwndbg cd pwndbg ./setup.sh
flare-vm
-
Looking for x86 Assembly learning material
Follow the instructions here to setup a FLARE vm which will have all the tools you need for the labs in the book flare vm
-
Small company, small analysis Platform
FLARE VM: this is a boxstarter from Mandiant to add a bunch of tools to Windows for malware analysis
-
Home lab for cybersecurity
build it as a proxmox host and have a malware analysis VM (flare-vm for example - https://github.com/mandiant/flare-vm) you can then interact with it via Console or host another VM as an SSH jump box and ssh tunnel to port 3389 on the malware vm
- Ma poate ajuta cineva ? Am descărcat ceva de pe filelist si după am întâmpinat asta.
- Any sandbox app (Windows or Linux) that supports network routing?
-
OS Recommendations for DFIR
FLARE VM: a Windows toolkit for malware analysis from Mandiant: https://github.com/mandiant/flare-vm
-
L1 analysts, do you do malware analysis? If so how often?
I usually run it in virtualbox without guest additions, get one of those free windows 10 isos from microsoft and install the mandiant flare vm on it ( https://github.com/mandiant/flare-vm ), after everything is installed i keep a snapshot of the windows machine with everything set up so i dont have to do it all again and once its done i set the network to internal and set set up inetsim on remnux as well if im going to do dynamic analysis so that i have an internet simulator that the malware can talk to.
-
How do you setup a malware analysis sandbox?
I use https://any.run for quick stuff or just fire my FlareVM up.
- Any distro for forensic blue team?
- How to set up a laptop as a dedicated mal-lab that has access to my home network for malware to send and receive traffic but cannot propagate to the rest of my devices?
What are some alternatives?
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
commando-vm - Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
peda - PEDA - Python Exploit Development Assistance for GDB
drakvuf-sandbox - DRAKVUF Sandbox - automated hypervisor-level malware analysis system
pwntools - CTF framework and exploit development library
radare2 - UNIX-like reverse engineering framework and command-line toolset
gdb-dashboard - Modular visual interface for GDB in Python
flare-fakenet-ng - FakeNet-NG - Next Generation Dynamic Network Analysis Tool
one_gadget - The best tool for finding one gadget RCE in libc.so.6
Binance-APK-Analysis - Revealing secrets behind Binance Crypto Exchange platform through Android APK Analysis
voltron - A hacky debugger UI for hackers
simplify - Android virtual machine and deobfuscator