Tag: debug

Debugging, Forensics

Debug processes using ptrace and python

python-ptrace is a debugger using ptrace (the Linux, BSD and Darwin system call to trace processes) written in Python. Features:
* High level Python object API: PtraceDebugger and PtraceProcess
* Able to control multiple processes: catch fork events on Linux
* Read/write bytes to arbitrary address: take care of memory alignment and split bytes to …
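The alignment point in the last feature above, as an added worked example (an illustration written for this page, not python-ptrace's own code): PTRACE_PEEKDATA and PTRACE_POKEDATA move exactly one native word at a word-aligned address, so a byte-range read has to round the range out to word boundaries and slice the result, and a byte-range write has to read-modify-write the partial words at each end so neighbouring bytes survive. The FakeMemory class and its contents are a constructed stand-in for a traced process (8-byte little-endian words assumed); in a real tracer the two callbacks would wrap the ptrace peek/poke calls.

```python
"""Byte-granular read/write on top of a word-granular ptrace-style interface.

Added illustration, not python-ptrace code.  FakeMemory is a constructed
stand-in for a traced process: it only honours word-aligned accesses, the
same constraint PTRACE_PEEKDATA / PTRACE_POKEDATA impose.
"""

WORD = 8  # assumption: 64-bit little-endian target


class FakeMemory:
    """Word-granular memory that rejects unaligned accesses, like ptrace."""

    def __init__(self, size):
        self.mem = bytearray(size)

    def peek_word(self, addr):
        if addr % WORD:
            raise OSError("EIO: unaligned PEEKDATA at %#x" % addr)
        return int.from_bytes(self.mem[addr:addr + WORD], "little")

    def poke_word(self, addr, value):
        if addr % WORD:
            raise OSError("EIO: unaligned POKEDATA at %#x" % addr)
        self.mem[addr:addr + WORD] = value.to_bytes(WORD, "little")


def read_bytes(peek_word, addr, size):
    """Read `size` bytes at any address by fetching the covering words."""
    if size <= 0:
        return b""
    start = addr & ~(WORD - 1)                      # round down
    end = (addr + size + WORD - 1) & ~(WORD - 1)    # round up
    buf = bytearray()
    for a in range(start, end, WORD):
        buf += peek_word(a).to_bytes(WORD, "little")
    off = addr - start
    return bytes(buf[off:off + size])


def write_bytes(peek_word, poke_word, addr, data):
    """Write `data` at any address; partial edge words are read-modify-written."""
    if not data:
        return
    start = addr & ~(WORD - 1)
    end = (addr + len(data) + WORD - 1) & ~(WORD - 1)
    # Load every word the range touches, patch the new bytes in, store back.
    buf = bytearray(read_bytes(peek_word, start, end - start))
    off = addr - start
    buf[off:off + len(data)] = data
    for i, a in enumerate(range(start, end, WORD)):
        poke_word(a, int.from_bytes(buf[i * WORD:(i + 1) * WORD], "little"))


def demo():
    """Unaligned read and write crossing word boundaries (constructed data)."""
    m = FakeMemory(64)
    m.mem[0:64] = bytes(range(64))
    before = read_bytes(m.peek_word, 0x5, 11)               # bytes 5..15, spans two words
    write_bytes(m.peek_word, m.poke_word, 0xD, b"ABCDE")    # bytes 13..17, spans two words
    after = read_bytes(m.peek_word, 0x5, 11)
    return before, after, bytes(m.mem[8:24])


if __name__ == "__main__":
    for label, value in zip(("before", "after", "words 1-2"), demo()):
        print("%-10s %s" % (label, value.hex(" ")))
```

The same byte-range semantics are what python-ptrace's PtraceProcess offers through its readBytes/writeBytes methods; the point of the read-modify-write in write_bytes is that poking a whole word at 0x8 to change byte 0xD would otherwise zero bytes 0x8..0xC.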

Antivirus, Debugging, Kernel

Debug user-mode processes using a kernel debugger

When a user-mode process deploys various userland anti-debugging tricks, you can use kernel debugging to attach to the process and debug it more easily.
> Create a Windows 8.1 VMware machine.
> Follow this guide to enable kernel debugging through pipes.
> Run WinDbg as administrator on your host machine.
> Open File->Kernel Debug… (Ctrl+K)
> …

Kernel, Rootkits

Windows Kernel Debugging

Windows Kernel Debugging using VMware Workstation 12, with Windows 7 for the target system and Windows 8.1 for the host machine.
> Set up a virtual machine with Windows 7. After the Windows installation, shut it down.
> Enable virtual printers in VMware Workstation: go to Edit->Preferences->Devices->Enable virtual printers.
> Download WDK 10 from here and install it on the …

Debugging, Programming

Basic debugging using CDB

Basic debugging using the Microsoft Console Debugger (CDB). You need the WDK (Debugging Tools for Windows) installed.

Launch an application for debugging:
cdb.exe file.exe

Debugging a user-mode process: attaching to a running process
cdb.exe -p process_id
cdb.exe -pn process_name

Attaching to a running process noninvasively (observe a running process without affecting it):
cdb -pv -p …