Which debugger is best?
Hello Forum members!
I am a C programmer and want to try to get into your world :-) I was wondering if someone could guide me with some clues of what tools to use, i.e. what debugger to use, etc... Regards, Nakkeost |
Ollydbg
Ollydbg is the best debugger, because its references are available.
|
Hi,
Start learning assembly language, if not familiar with it already. For live debugging (ring-3), OllyDbg is king. -Fyyre Quote:
|
SoftIce is the Best!
Cheers, Sope! |
Quote:
-Fyyre |
I use Ollydbg and IDA for most 'debugging'. IDA has a built-in debugger, but I prefer Olly. IDA is best for examining structure of code and then exporting names to Olly. IDA also has a decompiler plugin, but meh, I prefer to look at the assembler code in graph view - makes more sense to me.
Course, if your target isn't x86, then you have no choice but to use IDA. For kernel work I use WinDbg and sometimes Softice, depending on the exact problem. |
I love ollydbg, in my opinion it's the best debugger today
|
It's also good to learn some windbg basics. Might come handy sometimes.
|
agreed with deroko, windbg for now very useful for remote driver and x64 apps debugging, but gui not so user friendly
|
if he uses MS VStudio then the best debugger is the one which comes with the ide. if you plan to operate on pe files not having the source code, then you should take in consideration olly, ida, windbg etc.
|
gdb is powerful!!!
|
Well also for Linux you may use EDB from http://www.codef00.com . I'm using it on my x64 linux box. Too bad it's not ported for win x64, as it would be great addition for x64 debugging.
|
the little problem with edb is that you must compile it for proper platform and debug there, you can't use x64 edb to debug x86 apps and vice versa, you can't build x86 edb on x64 linux and vice versa :)
|
+1 for olly, and 64bit is coming!
|
Hi
ollydbg I think the best option is to crack software such facilities is very wide, which is the only surprise is that 64-bit programs and does not support NET. |
if you are C programmer, I suggest try Boomerang and Hex-Rays Decompiler.
both give you C like text. |
An odd one which is sometimes forgotten but which isn't at all bad is to use the open watcom compiler with its debugger. It is totally free and it used to be a payware thing... Just check the open watcom site for it..
|
Debugger choice depends on complexity and particular context, basically OllyDbg2 covers a wide range of situations.
But for complex environment debugging WinDbg + scripting is "the best", both on ring3 and ring0 situations. It's a bit unfriendly for a beginner, but I strongly suggest to learn also this debugger ;) Easy drivers, can be debugged with Syser. |
Also ImmunityDebugger is pretty good: basically is OllyDbg with some tweak such as a built-in pythonAPI, a function graphing tool and a heap analysis tool.
Ida pro is really powerful, but not as immediate and easy to use as OllyDbg; moreover, OllyDbg's plugins are actually useful. Is now really outdated, but also W32DASM used to be good. Finally, as stated above, if you want to get a bit more "in" the OS, there's Syser for your comfort. Syser is SoftIce's little up-to-date brother (as they say "Softice is left. Syser will continue."). |
I am untreatable fan of Softice :). It is possible to run Softice under Vista also (it's better - after little exports modification in Vista kernel files), although it has only basic functionality and is not as stable as under systems it was designated for. But you can easily Ctrl-D at any time to view the ring0 code and you can trace through the code. The processes list, changing contexts - don't work :( So it's necessary to make old simple tricks as inserting INT3 in the start of the debugged file - to get into proper context to set breakpoints in debugged process. All it is reasonable only if you are interested in ring0 code tracing. For ring3 tracing you have a lot of other debuggers as listed above
|
windbg is powerful on kernel debugging, ollydbg is powerful on application debugging and reverse engineering.
|
one vote for Olly
|
OllyDbg 1.1 is the best for RING-3 debugging
IDA is a good assistant... |
The microsoft kernel debugger makes OD look like a toy.
Git |
I second OllyDbg for every day use.
WinDbg for r0 work. |
OllyDbg & Scripts & ImmunityDebugger
|
Quote:
OD can run .net app (x32), although you won't see anything similar to ildasm or any other .net disassembler/debugger. I was even able to fish a serial on some stupid app (forgot name). |
WinDbg is the most powerful debugger by far imo, however it's nowhere near as user-friendly as some of the alternatives.
It depends what you're trying to do tbh. If you're debugging your own code which you wrote using VS, then I'd use the builtin VS debugger for that. If you're debugging regular non-packed/obfuscated applications and you don't mind a bit of a learning curve, then I'd use WinDbg. If you're debugging x64 native applications then I'd use WinDbg. If you're debugging heavily packed and/or obfuscated targets (x86 native) then OllyDbg is probably the way to go (due to the large amount of helpful plugins to remove some of the more tedious work). If you're doing kernel debugging then I'd use WinDbg. etc Others obviously have other preferences. I'd suggest just giving the most popular tools a try and finding what you're most comfortable with. It's all about finding and using the best tool for the job. |
I like od, but is there an updated version for win7?
|
Quote:
http://www.ollydbg.de/version2.html |
Olly for just in time, IDA for the rest!
|
I think Olly is the best one!
|