Advanced Programming | Todays Debuggers

Author	Message	Time
RiffRiot	Since the death of SoftICE there have been many new debuggers arising from the depths. Some are newer than others and some have been around. In my research I have found a few and ask you to post any that you know of and what you like about it/them. Syser Rr0d OllyDbg IDA Pro Compuware -- I forget the exact name? Too lazy to find it... I am not a seasoned RE nor do I even know much ASM. However, I strive to learn new things and I am a newb in training (in regards to the previously mentioned). I enjoy constructive criticism ;) Lately, I have been doing a few small projects just to get my feet off the ground and seen some tutorials for SoftICE that I wanted to also try, however, I soon found out that (Wow! I am seriously behind on this stuff!) it is no longer updated/supported by NuMega. So, I continue to use OllyDbg and will try the others mentioned on the URL list above. Post your thoughts and debuggers with comments/suggestions! Thanks! ;D	April 21, 2009, 8:56 PM
Yegg	IDA Pro is awesome, but it's pretty expensive which is why I don't use it. OllyDbg is pretty nice, on Windows it's always my first choice. I remember a while back I tried out a few other nice ones, but I don't recall their names.	April 21, 2009, 10:41 PM
chyea	Well, kernel debugging aside, I'd probably stick with WinDbg or OllyDbg, depending on your preference. I used to use both because OllyDbg wasn't very good at setting break points on unknown methods. This was helpful to me while reversing that newer checkrevision method, because you could just set a breakpoint on checkrevision prior to it being loaded, and windbg would catch it. OllyDbg either couldn't do this, or I never did figure out how to. Granted, it did remember breakpoints, so once you set it once it'd remain. I tend to use IDA and OllyDbg/WinDbg as compliments. I'd rather step through a program in WinDbg and jot down memory addresses, offsets, register values, whatever, and reference IDA while doing so, if needed. shrug	April 21, 2009, 11:23 PM
RiffRiot	Thanks for your thoughts! I am going to pilot Syser today and see what I can do with it. I will post some screen shots if anyone is interested.	April 22, 2009, 11:00 AM
Yegg	[quote author=RiffRiot link=topic=17915.msg182484#msg182484 date=1240398051] Thanks for your thoughts! I am going to pilot Syser today and see what I can do with it. I will post some screen shots if anyone is interested. [/quote] I'm interested in Syser. I've never heard of it do I'd definately like to hear your experiences with it.	April 22, 2009, 1:11 PM

Author

Message

Time

RiffRiot

Since the death of SoftICE there have been many new debuggers arising from the depths. Some are newer than others and some have been around. In my research I have found a few and ask you to post any that you know of and what you like about it/them.

Syser
Rr0d
OllyDbg
IDA Pro
Compuware -- I forget the exact name? Too lazy to find it...

I am not a seasoned RE nor do I even know much ASM. However, I strive to learn new things and I am a newb in training (in regards to the previously mentioned). I enjoy constructive criticism ;)

Lately, I have been doing a few small projects just to get my feet off the ground and seen some tutorials for SoftICE that I wanted to also try, however, I soon found out that (Wow! I am seriously behind on this stuff!) it is no longer updated/supported by NuMega. So, I continue to use OllyDbg and will try the others mentioned on the URL list above.

Post your thoughts and debuggers with comments/suggestions! Thanks! ;D

April 21, 2009, 8:56 PM

Yegg

IDA Pro is awesome, but it's pretty expensive which is why I don't use it.
OllyDbg is pretty nice, on Windows it's always my first choice. I remember a while back I tried out a few other nice ones, but I don't recall their names.

April 21, 2009, 10:41 PM

chyea

Well, kernel debugging aside, I'd probably stick with WinDbg or OllyDbg, depending on your preference. I used to use both because OllyDbg wasn't very good at setting break points on unknown methods. This was helpful to me while reversing that newer checkrevision method, because you could just set a breakpoint on checkrevision prior to it being loaded, and windbg would catch it. OllyDbg either couldn't do this, or I never did figure out how to. Granted, it did remember breakpoints, so once you set it once it'd remain.

I tend to use IDA and OllyDbg/WinDbg as compliments. I'd rather step through a program in WinDbg and jot down memory addresses, offsets, register values, whatever, and reference IDA while doing so, if needed. *shrug*

April 21, 2009, 11:23 PM

RiffRiot

Thanks for your thoughts!

I am going to pilot Syser today and see what I can do with it. I will post some screen shots if anyone is interested.

April 22, 2009, 11:00 AM

Yegg

[quote author=RiffRiot link=topic=17915.msg182484#msg182484 date=1240398051]
Thanks for your thoughts!

I am going to pilot Syser today and see what I can do with it. I will post some screen shots if anyone is interested.
[/quote]

I'm interested in Syser. I've never heard of it do I'd definately like to hear your experiences with it.

April 22, 2009, 1:11 PM

Valhalla Legends Forums Archive | Advanced Programming | Todays Debuggers