mirror of
https://github.com/x64dbg/x64dbg.git
synced 2024-11-27 06:40:24 +00:00
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
binary-analysiscppctfcybersecuritydebuggerdebuggingdisassemblerdynamic-analysisexploit-developmenthackingmalware-analysisoscpprogram-analysisreverse-engineeringsecuritysecurity-toolswindowsx64x86x86-64
| help | ||
| x64_dbg_bridge | ||
| x64_dbg_dbg | ||
| x64_dbg_exe | ||
| x64_dbg_gui/Project | ||
| .gitignore | ||
| bug.ico | ||
| clean.bat | ||
| LICENSE | ||
| README | ||
| release.bat | ||
| todo_dbg.txt | ||
| x64_dbg_sceme.vsd | ||
| x64_dbg.sln | ||
[This is a new version of this repository. The old version can be found ] [here: https://bitbucket.org/mrexodia/x64_dbg_old ] >Downloads: These can be found at https://sf.net/projects/x64dbg/ >Overview: This is a x64/x32 debugger that is currently in active development. The debugger has (currently) three parts: - DBG - GUI - Bridge DBG is the debugging part of the debugger. It handles debugging (using TitanEngine) and will provide data for the GUI. GUI is the graphical part of the debugger. It is built on top of Qt and it provides the user interaction, the dump window, the disassembly, the register window, the memory map view, the log view etc. Bridge is the communication library for the DBG and GUI part (and maybe in the future more parts). The bridge can be used to work on new features, without having to update the code of the other parts. It also ensures low-level code stays (partially separated from the high level GUI code). >Features: - variables (with regard to the upcoming script feature) - basic calculations (var*@401000+.45^4A) - hide debugger (very basic) - software breakpoints (INT3, LONG INT3, UD2) - memory breakpoints (read, write, execute) - hardware breakpoints (access, write, execute) - stepping (into, over, n instructions) - rtr (return from function) - memory allocation/deallocation in the debuggee - quickly accessing API addresses (GetProcAddress->76E13620) - fully customizable GUI colors and instruction highlighting - IDA-like sidebar with jump arrows - IDA-like instruction token highlighting (hold 'Z' in disassembly) - memory map - basic module labeling - import reconstruction (using Scylla) - drag&drop files - goto window - register/flags view with editing support and change highlighting - quite fast working in really big code pages (tested up to 5GB) - GUI hotkeys - dynamic jump arrow (just like OllyDbg) - user databases for labels/comments/breakpoints/bookmarks (*.dd64 or *.dd32 files) - easy context menu in disassembly (to set breakpoints etc) - plugin support - (manual) function analysis - easily follow calls/jumps/ret (press ENTER when selecting) - (buggy) dynamic commenting (strings) - scripting support (using the debugger commands)! - simple dump window with various data modes - symbols (+ exports) view with search - simple stack view - programmable reference view >Known bugs: - memory breakpoints sometimes fail (TitanEngine bug) >Last words: The debugger core is based on TitanEngine (an updated version, https://bitbucket.org/mrexodia/titanengine-update) Disassembly powered by BeaEngine (http://beaengine.org/). The icon is taken from VisualPharm (http://www.visualpharm.com/) Licensed under GLPv3 >Special thanks: - acidflash - Ahmadmansoor - cyberbob - Teddy Rogers - EXETools community - Tuts4You community - DMichael - TEAM DVT - Artic - Sorry if I forgot you! >Developers: - Mr. eXoDia - Sigma - tr4ceflow