aboutsummaryrefslogtreecommitdiff
path: root/development/edb-debugger/README
blob: 9ee724b6669a361d6ff90f85ee0e191f4908c83c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
edb (Evan's Debugger) is a graphical, Qt4-based debugger similar to OllyDbg,
written on top of the ptrace API. It is built on a plugin-based architecture.

Its features include:

*Intuitive GUI interface
*The usual debugging operations (step-into/step-over/run/break)
*Conditional breakpoints
*Debugging core is implemented as a plugin so people can have drop in replacements. 
 Of course if a given platform has several debugging APIs available, 
 then you may have a plugin that implements any of them.
*Basic instruction analysis
*View/Dump memory regions
*Effective address inspection
*The data dump view is tabbed, allowing you to have several views of memory open at the same time and quickly switch between them.
*Importing and generation of symbol maps

*Plugins
   Code analysis engine which can identify functions
   Search for binary strings
   Code Bookmarks
   Breakpoint management
   Check for updates
   Output the current state to the console
   Environment variable viewer
   Hardware Breakpoints
   Heap block enumeration
   Opcode search engine plugin has basic functionality (similar to msfelfscan/msfpescan)
   Open file enumeration
   Reference finder
   String searching (like strings command in *nix)
   Basic ROP instruction search
   
Compared to gdb, edb is more suited to reverse engineering, rather than white-box software debugging.