udbg

Dynamic binary analysis tools based on Lua

Various debug-adaptor, remote debugging support
Rich script API, easy to extend and customize

Dynamic binary analysis tools based on Lua

• Support more analysis scene
  • Windows
    • Starndard API, VEH Debugger and view kernel space
    • WinDbg Engine: analyze dmp file, kernel debugging
  • Non-invasive attach
  • Cross-platform：support linux、android
• Providing rich script API, easy to extend and customize
• Separate the debugger from UI, support remote debugging: only put a few core files into remote machine, and you can control everything

Overall, there are three main functions

• Target (process) view like the concept 'Non-invasive attach' in windbg, this mode mainly contains functions: memory read/write, enum module/thread/memory page/handle, suspend/resume target, stack backtrace
• Target (process) debugging this mode contains functions in Target (process) view, and you can debug it, using breakpoint
• Dynamic hook and function call inject to target process, dynamic hook and call any function use lua in target process, like frida

Target in udbg, commonly is process, and can be .dmp file or kernel space with other debug-adaptor

Download

Download the lastest zip from release page, and unzip to a new directory

• https://github.com/udbg/udbg/releases
• https://gitee.com/udbg/udbg/releases

! Notice: DONT inclucde Non-ANSI character in the path

Document

https://udbg.github.io/

• Introduce
• Tutorial
• Features