OLLYDBG

 

OllyDbg is a 32-bit assembler-level analysing debugger for Microsoft® Windows®. Its emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is shareware, but you can download and use it for free. Special highlights are:

  • Intuitive user interface, no cryptic commands

  • Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings

  • Directly loads and debugs DLLs

  • Object file scanning - locates routines from object files and libraries

  • Allows for user-defined labels, comments and function descriptions

  • Understands debugging information in Borland® format

  • Saves patches between sessions, writes them back to executable file and updates fixups

  • Open architecture - many third-party plugins are available

  • No installation - no trash in registry or system directories

IMMUNITY DEBUGGER

 

Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.

 

  • A debugger with functionality designed specifically for the security industry

  • Cuts exploit development time by 50%

  • Simple, understandable interfaces

  • Robust and powerful scripting language for automating intelligent debugging

  • Lightweight and fast debugging to prevent corruption during complex analysis

  • Connectivity to fuzzers and exploit development tools

WINDBG

 

Microsoft Windows Debugger (WinDbg) is a powerful Windows-based debugger that is capable of both user-mode and kernel-mode debugging. WinDbg provides debugging for the Windows kernel, kernel-mode drivers, and system services, as well as user-mode applications and drivers.

 

WinDbg uses the Visual Studio debug symbol formats for source-level debugging. It can access any symbol or variable from a module that has PDB symbol files, and can access any public function’s name that is exposed by modules that were compiled with COFF symbol files (such as Windows .dbg files).

 

WinDbg can view source code, set breakpoints, view variables (including C++ objects), stack traces, and memory. Its Debugger Command window allows the user to issue a wide variety of commands.

 

WinDbg is part of the Windows SDK environment. To download a copy of the Windows 7 SDK (also supports Windows XP) or Windows 8 SDK, use the following links:

GDB

 

GDB, the GNU Project debugger, allows you to see what is going on "inside" another program while it executes -- or what another program was doing at the moment it crashed.

GDB can do four main kinds of things (plus other things in support of these) to help you catch bugs in the act:

 

  • Start your program, specifying anything that might affect its behavior.

  • Make your program stop on specified conditions.

  • Examine what has happened, when your program has stopped.

  • Change things in your program, so you can experiment with correcting the effects of one bug and go on to learn about another.

 

The program being debugged can be written in Ada, C, C++, Objective-C, Pascal (and many other languages). Those programs might be executing on the same machine as GDB (native) or on another machine (remote). GDB can run on most popular UNIX and Microsoft Windows variants.

EDB

 

EDB (Evan's Debugger) is a Qt4-based binary-mode debugger with the goal of having usability on par with OllyDbg. It uses a plugin architecture, so adding new features can be done with ease. The current release is for Linux, but future releases will target more platforms.

 
 
 
 
 
