OllyDbg
OllyDbg
|
|
---|---|
Basic data
|
|
developer | Oleh Yuschuk |
Current version | 2.01 (September 27, 2013) |
operating system | Windows |
programming language | C. |
category | Debugger |
License | Shareware |
www.ollydbg.de |
OllyDbg is a 32-bit debugger for Windows developed by Oleh Yuschuk , a 64-bit version is under development. Mainly, OllyDbg can be used for binary code analysis, for example to carry out debugging of programs.
OllyDbg works on ring 3 level and is characterized by the following features:
- Debugging of multithreaded programs
- Append to running processes
- Configurable disassembler with support for the formats MASM and IDEAL
- MMX , 3DNow , SSE , ASCII and Unicode support
- Hardware and software breakpoints
- Search across memory areas
- Modification of memory areas "on-the-fly"
- Extensibility through DLL plugins
One of the special advantages of OllyDbg is that the debugger can also be started from mobile data carriers. It does not require any installation, but allows an add-in in Windows Explorer. Due to the many plugins available, which come from third-party authors from the reverse engineering scene and allow the debugger to be hidden from anti-debugging methods of various runtime packers (especially Themida and Execryptor), as well as the OllyScript plugin, which, in conjunction with scripts, automates recurring processes This debugger is one of the most frequently used tools, especially by private reverse engineering enthusiasts. OllyScripts automate processes such as bypassing anti-debugging methods or searching for the original entry point (OEP) of encrypted programs packed with runtime packers.
Web links
Individual evidence
- ↑ OllyDbg website , accessed January 8, 2015
- ↑ FAQ on the OllyDbg website, accessed on January 8, 2015