35 lines
1.3 KiB
Plaintext
35 lines
1.3 KiB
Plaintext
edb (Evan's Debugger) is a graphical, Qt4-based debugger similar to OllyDbg,
|
|
written on top of the ptrace API. It is built on a plugin-based architecture.
|
|
|
|
Its features include:
|
|
|
|
*Intuitive GUI interface
|
|
*The usual debugging operations (step-into/step-over/run/break)
|
|
*Conditional breakpoints
|
|
*Debugging core is implemented as a plugin so people can have drop in replacements.
|
|
Of course if a given platform has several debugging APIs available,
|
|
then you may have a plugin that implements any of them.
|
|
*Basic instruction analysis
|
|
*View/Dump memory regions
|
|
*Effective address inspection
|
|
*The data dump view is tabbed, allowing you to have several views of memory open at the same time and quickly switch between them.
|
|
*Importing and generation of symbol maps
|
|
|
|
*Plugins
|
|
Code analysis engine which can identify functions
|
|
Search for binary strings
|
|
Code Bookmarks
|
|
Breakpoint management
|
|
Check for updates
|
|
Output the current state to the console
|
|
Environment variable viewer
|
|
Hardware Breakpoints
|
|
Heap block enumeration
|
|
Opcode search engine plugin has basic functionality (similar to msfelfscan/msfpescan)
|
|
Open file enumeration
|
|
Reference finder
|
|
String searching (like strings command in *nix)
|
|
Basic ROP instruction search
|
|
|
|
Compared to gdb, edb is more suited to reverse engineering, rather than white-box software debugging.
|