This talk describes Pwndbg, a GDB plugin written in Python that helps with reverse engineering and binary exploitation of ELF binaries. It shows Pwndbg features such as the enhanced context display, telescope (automatic dereferencing of potential pointers), navigation helpers (such as "please break at next syscall/ret/jump"), better display of memory maps through the vmmap command, the Unicorn emulation feature (to show which branches will be taken), WinDbg aliases, the memory search command and others.
Resources:
Presented at
- Empire Hacking, February 2019
- Security PWNing Conference 2018, November 2018
Authored by
- Dominik 'disconnect3d' Czarnota