Debuggers
Debuggers are essential tools for analyzing program execution, inspecting memory, and understanding runtime logic. In CTF reversing or exploitation tasks, they reveal hidden logic paths, encryption routines, or validation functions and are vital for dynamic analysis.
- Attach GDB to a process: `gdb -p $(pidof <program>)`
- Launch binary in GDB: `gdb ./binary`
- Radare2 debug mode: `r2 -d ./binary`
- x64dbg Windows GUI debugger: `File -> Open -> Run`

| Tool | Purpose |
|---|---|
| GDB | Standard Linux debugger for low-level program inspection |
| Pwndbg | GDB plugin with enhanced UI and exploitation-focused features |
| Radare2 | Open-source reverse engineering framework with integrated debugger |
| x64dbg | GUI debugger for Windows (32 / 64 bit) |
| Immunity Debugger | Scriptable Windows debugger with Python support |
| OllyDbg | Classic 32-bit Windows debugger for inline patching and analysis |

- Use breakpoints before key functions (like `strcmp`, `recv`, `decrypt`) to observe intermediate values.
- Combine static and dynamic analysis: inspect the binary structure in a disassembler before stepping through execution.
- Use Pwndbg or GEF extensions with GDB to enhance usability during CTF reversing tasks.
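
The breakpoint tip above, as an added example that is not part of the original page: a GDB Python script that logs both `strcmp` arguments at every call without halting the program. It assumes an x86-64 Linux target (arguments in `rdi`/`rsi`); the file name `log_strcmp.py`, the `MAX_LEN` cap and the helper names are hypothetical.

```python
# Added example (not from the original page). Assumes x86-64 Linux (System V ABI:
# first two arguments in rdi/rsi). Load with: gdb -x log_strcmp.py ./binary
try:
    import gdb  # exists only inside GDB's embedded Python interpreter
except ImportError:
    gdb = None  # lets the helpers be imported and tested outside GDB

MAX_LEN = 64  # hypothetical cap on bytes read per argument


def c_string(raw):
    """Cut at the first NUL and escape bytes that are not printable ASCII."""
    data = bytes(raw).split(b"\x00", 1)[0]
    return "".join(chr(b) if 32 <= b < 127 else "\\x%02x" % b for b in data)


def read_c_string(inferior, addr, limit=MAX_LEN):
    """Read one byte at a time so a string ending at a page edge is not lost."""
    out = bytearray()
    for offset in range(limit):
        try:
            byte = bytes(inferior.read_memory(addr + offset, 1))
        except Exception:  # gdb.MemoryError when the address is unmapped
            break
        if byte == b"\x00":
            break
        out += byte
    return c_string(out)


if gdb is not None:
    class LogStrcmp(gdb.Breakpoint):
        """Breakpoint that prints both strcmp arguments and keeps running."""

        def stop(self):
            inferior = gdb.selected_inferior()
            mask = 0xFFFFFFFFFFFFFFFF  # registers evaluate as signed values
            left = int(gdb.parse_and_eval("$rdi")) & mask
            right = int(gdb.parse_and_eval("$rsi")) & mask
            gdb.write('strcmp("%s", "%s")\n' % (
                read_c_string(inferior, left), read_c_string(inferior, right)))
            return False  # False tells GDB not to halt at this hit

    LogStrcmp("strcmp")
```

After loading the script, type `run` in GDB; each comparison is printed as it happens. A compiler that inlines `strcmp` leaves no call to break on, which is one reason to check the disassembly first.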