x64dbg

Developer(s): mrexodia
Initial release: July 31, 2014
Repository: github.com/x64dbg/x64dbg
Written in: C++
Platform: Windows
License: GNU General Public License 3.0
Website: x64dbg.com

x64dbg is a free and open-source [1] debugger for Windows-based systems. It is used to analyze 64-bit executable files, while its counterpart, x32dbg, analyzes 32-bit executables. Debugging here means examining an executable as the low-level assembly code it was translated into, which lets the user of the debugger observe what an application does internally even when its source code is not available; this practice is called reverse engineering. [2] x64dbg is very similar to, and often interchangeable with, other debuggers, and it is one of the most popular debugging programs. [3]

Features & usage

The GUI of x64dbg can appear overwhelming and cramped at first sight. The ribbon at the top of the window holds the software's main tabs and is used to move between its different screens. x64dbg also supports plugins. [4]

The CPU tab is the one you will use most often. It shows the disassembled code of the file you loaded (by dragging it into the window). Breakpoints, shown as grey circles to the left of the assembly listing, can be set here; they pause execution at a chosen instruction when you run the file under examination. To the right is the registers pane (including the FPU registers), which shows the register values of the process being debugged. Debuggers also generate their own names (labels) for the addresses and variables referenced in the assembly code, and their values can be inspected in this pane.

At the bottom of the GUI is the dump section, which shows the memory of the currently running process.

You can open other tabs by clicking different sections of the ribbon, or alternatively by clicking the "View" tab at the top, which opens a dropdown listing every other tab. These tabs include: CPU, Log, Notes, Breakpoints, Memory Map, Call Stack, SEH Chain (Structured Exception Handling), Script, Symbols, Modules, Source, References, Threads, Handles, Graph, and Trace.

Patches

Patches let you modify the code and save the modified code as a new file. They are typically used when you want to make permanent changes to a file.
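As an added example (not code from the x64dbg project), the following script parses the text patch list that x64dbg's patch dialog exports (a `>module` header followed by `RVA:old->new` lines) and applies it to a copy of an image, refusing to write any byte whose current value does not match the recorded original. The module name, RVAs and bytes below are constructed, and the RVA-to-file-offset mapping is assumed to be the identity (a real PE file needs its section table to do that mapping).

```python
import re
from typing import Callable, Dict, List, Tuple

# Constructed sample patch list in the x64dbg export format:
# ">module" header, then one "RVA:old->new" line per byte (hex).
SAMPLE_PATCH_LIST = """>sample.exe
00000004:74->EB
00000005:05->00
"""

# Constructed stand-in for the file being patched: a "MZ" stub followed by
# 'je +5' (74 05), 'xor eax,eax' (31 C0) and 'ret' (C3).
SAMPLE_IMAGE = b"MZ\x90\x00\x74\x05\x31\xc0\xc3"

PATCH_LINE = re.compile(r"^([0-9A-Fa-f]{1,16}):([0-9A-Fa-f]{2})->([0-9A-Fa-f]{2})$")


def parse_patch_list(text: str) -> Dict[str, List[Tuple[int, int, int]]]:
    """Return {module: [(rva, old_byte, new_byte), ...]} for an exported patch list."""
    patches: Dict[str, List[Tuple[int, int, int]]] = {}
    module = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(">"):            # module header
            module = line[1:].strip()
            patches.setdefault(module, [])
            continue
        m = PATCH_LINE.match(line)
        if m is None or module is None:     # reject anything we cannot interpret
            raise ValueError(f"malformed patch line: {raw!r}")
        rva, old, new = (int(g, 16) for g in m.groups())
        patches[module].append((rva, old, new))
    return patches


def apply_patches(image: bytes, patches: List[Tuple[int, int, int]],
                  rva_to_offset: Callable[[int], int] = lambda rva: rva) -> bytes:
    """Return a patched copy of image; every original byte is verified before it is changed."""
    buf = bytearray(image)
    for rva, old, new in patches:
        off = rva_to_offset(rva)
        if off >= len(buf):
            raise ValueError(f"patch at RVA {rva:#x} lies outside the image")
        if buf[off] != old:                 # wrong file or wrong version: do not touch it
            raise ValueError(f"byte mismatch at RVA {rva:#x}: expected {old:#04x}, found {buf[off]:#04x}")
        buf[off] = new
    return bytes(buf)
```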


References

  1. "x64dbg". x64dbg.com. Retrieved 2024-08-08.
  2. Nym, Millie (2023-07-17). "Reverse Engineering Walkthrough | Analyzing A Sample Of Arechclient2". SentinelOne. Retrieved 2024-08-08.
  3. Harakhavik, Yaroslav (2020-08-05). "CPR Anti-Debug Encyclopedia: The Check Point Anti-Debug Techniques Repository". Check Point Research. Retrieved 2024-08-08.
  4. "Plugins". GitHub. Retrieved 2024-08-08.