Visual Studio (+ VisualDDK for kernel mode debugging).

All this with Remote debugging using VMware virtual machines really helps...

IDA + Olly for analysis malware and RE , windbg+vmware,soft-ice for drivers

Doens't IDA support 64bit debugging?

http://www.hex-rays.com/idapro/debugger/win32_tut.pdf

Yes, and so is xgdb and kdgb. BUT: Isn't there a real alternative to gdb? AND: What ring is gdb by the way? :confused:

boeser.hacker

take a look here, this uses GDB ad r0

for kmode debugging I use Syser and Windbg

anyone have a Good Paper or tut about debugging in X64 ....sure using one of the this debugger IDA or windbg .
I think we will open a new section for x64 I think it need more attention .
I think we have very Good guys here how can be useful in this field .

x64 is a great field of research, I'll collect some paper about this topic and make a post ;)

ps: about the topic, gbd can be used both r3 and r0, knowledge of gdb is a great thing
open doors for various OS debugging.

@ Evilcry : thanks ,we will wait ur Paper or any useful Tut u could find ;) .


Good so the problem how we can be familiar with this debugger .
All of us r familiar with Olly and IDA .
so anyway to make this inf available pls :rolleyes:

Thanks for every thing ...Lol Check ur PM ( I will send a massage .

I see there is no problem which debugger we must use
the important thing that you must know how to use the debugger in a correct way
I use OllyDbg:D

Sure,
just remember that gdb comes out from porting issues and for its particular
structure is slow.

IDA Debugger is great and presents the advantage of plugin integraton,
this thing is really important because allow you to harden debugger from
hostile code ;)

thanks ahmadmansoor ! :)

ollydbg is good, and easier to learn, but will become less useful as more people move to x64, i for one have already installed Windows 7 x64 version on my laptop, it will be my only OS (apart from VM) from now on...

IDA + Ollydbg
Olly for a "fast" debugging
IDA for a deeper work
Using together, however, is the best (example generate file .map with IDA and then pass the .map file to Olly and continue works on the same target).

IDA for static analysis

Debuggers
Windows
Olly for Ring 3 Apps
Softice/Windbg for Ring 0 code
Immunity Debugger (olly+python) for quick exploit writing

*nix
gdb + a nice gdbinit script
IDA Debugger (remote ) + gdbserver [ this is quite nice actually]
kgdb for Linux kernel debug

Speaking of a GDB init file, mammon's gdbinit is pure jewel.

http://www.802.11mercenary.net/~johnycsh/misc/mammon-gdbinit-fixed.txt