GDB
GDB (GNU Debugger) GDB is the veteran CLI debugger for C/C++/assembly, setting breakpoints, stepping through code, and inspecting registers in ELF binaries for unraveling crashes or malware hooks. Extend it with Python scripting for automated traces, loading symbols for annotated disassembly during live sessions. Open-source staple from GNU, it's the command-line cornerstone for reverse engineers dissecting native apps step by step.
Explore →LLDB
LLDB LLDB is the LLVM-powered debugger with multi-language support for C, Swift, and Rust, offering expression evaluation and frame unwinding for precise control in complex binaries. Integrate its Python API for custom commands, debugging iOS apps or kernel modules with symbolication. Open-source from Apple/LLVM, it's the modern multitool for RE pros tracing paths in diverse architectures.
Explore →Frida
Frida Frida is the dynamic instrumentation toolkit for injecting JS scripts into running processes, hooking functions and tracing calls across platforms for real-time RE without recompiles. Spawn or attach to apps, write handlers for API interceptions, and replay sessions for analysis. Open-source and cross-mobile, it's the live tamperer for pentesters debugging encrypted traffic or anti-RE tricks.
Explore →x64dbg
x64dbg x64dbg is the open-source user-mode debugger for 32/64-bit Windows PE files, with disassembly, breakpoints, and plugin support for unpacking malware or patching binaries interactively. Attach to processes or load dumps, navigate graphs, and script with Python for automated stepping. GitHub-forked from OllyDbg, it's the Windows warrior for reverse engineers battling packed executables.
Explore →pwndbg
pwndbg pwndbg is the GDB extension that supercharges debugging with context-aware commands, auto-disassembly, and exploit helpers like ROP gadget searches for CTF or vuln dev. Install via git clone, enhance your GDB sessions with colorized outputs and memory maps for faster analysis. Open-source from community, it's the exploit enhancer for pentesters turning raw GDB into a polished RE rig.
Explore →gef
gef gef is the GDB Enhanced Features plugin that adds pretty-printing, inline assembly, and unicorn emulation for stepping through obfuscated code or emulating snippets during RE. Source install for instant GDB upgrades, with commands for heap analysis and fault injection in binaries. Open-source from hugsy, it's the visual vitamin for debuggers illuminating dark corners of memory.
Explore →Radare2 (r2)
Radare2 (r2) Radare2's debugger mode attaches to processes for disassembly and dynamic analysis, with r2pipe for scripting hooks into binaries for unpacking or tracing syscalls. Load your target, set watchpoints, and visualize call graphs for function flows in real-time. Open-source framework core, it's the modular marauder for RE enthusiasts debugging across arches with a single tool.
Explore →Immunity Debugger
Immunity Debugger Immunity Debugger is the Python-scriptable Windows debugger with PyCommands for automating breakpoint chains and memory patches in malware RE or exploit dev. Attach to EXEs, trace API calls, and inject scripts for custom analysis without external hooks. Open-source fork available, it's the scripted sentinel for reverse engineers crafting Windows-specific hunts.
Explore →WinDbg Preview
WinDbg Preview WinDbg Preview is Microsoft's modern debugger for kernel/user-mode crashes, with Time Travel Debugging for rewinding execution to inspect state changes in binaries. Source-build from GitHub, load symbols and dumps for disassembly with JS extensions for custom views. Open-source under MIT, it's the time-machine for analysts replaying incidents in Windows environments.
Explore →Pwndbg