Debugger

The core of the project.

Debugger features:

• Process management: Spawn, attach, detach.
• Debugger: Continue, step instruction, kill.
• Self: Check if debugged, debugger break.
• Thread context: Read context.
• Exception handling: Read exceptions.
• Memory management: Read and write memory, get memory maps, primitive memory scanner.

Platforms:

• x86-64
  • Windows (supports WoW64)
    • msvcrt
  • Linux
    • glibc, musl
• x86
  • Windows
    • msvcrt
  • Linux
    • glibc, musl

Disassembler

Disassembler features are provided by the Capstone library.

Object/Symbol Server

Dumper supports:

• UNIX Archives (ar): Headers
• COFF: Header
• ELF: Header, Program Headers (coredump: x86-64), Sections, Dynamic Symbols, Disassembly
• LX: Header
• Mach-O: Header and load commands, Fat Header
• Memory Dump (dmp): Header
• Minidump (mdmp): Header
• MSCOFF (anon obj): Header
• MZ: Header, Relocations
• NE: Header
• OMF: Library Header
• PDB 2.0: Header
• PDB 7.0: Header, Stream Info
• PE: Header, Sections, Exports, Imports, Debug, Disassembly