blob: 4dfdbd11fca150470585813b9ad7dc6e4ecd18ef (
plain)
edb (Evan's Debugger) is a graphical, Qt4-based debugger similar to OllyDbg,
written on top of the ptrace API. It is built on a plugin-based architecture.
Its features include:
* Intuitive GUI interface
* The usual debugging operations (step-into/step-over/run/break)
* Conditional breakpoints
* Debugging core is implemented as a plugin so people can have drop-in
replacements. Of course if a given platform has several debugging APIs
available, then you may have a plugin that implements any of them.
* Basic instruction analysis
* View/Dump memory regions
* Effective address inspection
* The data dump view is tabbed, allowing you to have several views of memory
open at the same time and quickly switch between them.
* Importing and generation of symbol maps
* Plugins:
Code analysis engine which can identify functions
Search for binary strings
Code Bookmarks
Breakpoint management
Check for updates
Output the current state to the console
Environment variable viewer
Hardware Breakpoints
Heap block enumeration
Opcode search engine plugin has basic functionality (similar to
msfelfscan/msfpescan)
Open file enumeration
Reference finder
String searching (like strings command in *nix)
Basic ROP instruction search
Compared to gdb, edb is more suited to reverse engineering, rather than
white-box software debugging.
|
