pwndbg
gef
Our great sponsors
pwndbg | gef | |
---|---|---|
9 | 15 | |
6,563 | 6,371 | |
3.2% | - | |
9.5 | 8.4 | |
4 days ago | 7 days ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pwndbg
- Need help installing pwndbg on Kali Linux
-
Hacked GDB Dashboard Puts It All on Display
There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):
GEF: https://gef.readthedocs.io/en/master/
PWNDBG: https://github.com/pwndbg/pwndbg
PEDA: https://github.com/longld/peda
They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.
-
Debugging with GDB
GDB is great. I definitely recommend checking out watchpoints as well, a very useful tool for monitoring how a variable changes over time.
GDB also has many good plugins - pwndbg has tons of features and UI improvements over stock GDB.
-
Awesome CTF : Top Learning Resource Labs
Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
gef
-
Beej's Quick Guide to GDB (2009)
There is also GEF, which is widely used by the reverse engineering and CTF community.
- TF2 on Linux is running incredibly poorly, reporting 1200%+ CPU usage. Steam also appears to have some sort of memleak and infinite loop/callback going on leading to absurd CPU usage over time.
- Emulating an emulator inside itself. Meet Blink
-
Are there any cpu emulators that could help me learn i386 assembly?
https://github.com/hugsy/gef, https://hugsy.github.io/gef/, https://hugsy.github.io/gef/commands/context/ ("Values in red indicate that this register has had its value changed since the last time execution stopped.")
-
Fully Dockerized Linux kernel debugging environment
The attached debugger is not just raw GDB but is using https://hugsy.github.io/gef/ to make debugging less of a pain. It's still not perfect but helps plenty already.
-
Debugging with GDB
I still struggle with GDB but my excuse is that I seldom use it.
When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)
I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).
LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom
Using vanilla GDB is painful. As a bit of a shameless plug I recommend you check out GEF[1]. It's a large python script that extends GDB to make it a lot better to use. Notably it shows a lot of the state automatically every time the inferior stops. It's oriented around reversing and exploit development, but it definitely doesn't have to be used that way.
-
Awesome CTF : Top Learning Resource Labs
GEF - GDB plugin.
-
Where to find a nasm debugger that works with my code?
The problem with console gdb is that its default settings suck. I have this config, first line switches 64/32 bit mode. Yours is 32. File goes to ~/.gdbinit. I won't claim to have best config ever, google for it if you want to. There's also https://github.com/hugsy/gef
What are some alternatives?
peda - PEDA - Python Exploit Development Assistance for GDB
gdb-dashboard - Modular visual interface for GDB in Python
lldb-mi - LLDB's machine interface driver
radare2 - UNIX-like reverse engineering framework and command-line toolset [Moved to: https://github.com/radareorg/radare2]
pwntools - CTF framework and exploit development library
one_gadget - The best tool for finding one gadget RCE in libc.so.6
edb-debugger - edb is a cross-platform AArch32/x86/x86-64 debugger.
voltron - A hacky debugger UI for hackers
rr - Record and Replay Framework
OneByteWallhack - CS:GO wallhack achieved by patching one byte of game memory. Written in Python 3.