bindbg: Binary Ninja plugin that syncs WinDbg to Binary Ninja
BinDbg
BinDbg is a Binary Ninja plugin that syncs WinDbg to Binja to create a fusion of dynamic and static analyses. It was primarily written to improve the Windows experience for Binja debugger integrations.
Features include:
- Start and stop WinDbg directly in Binja
- Control debugger execution and IP
- Set and delete breakpoints
- Set process arguments
- Branch decision highlighting
- vtable resolution and (rough) type identification
- ASLR support
Installation
git clone https://github.com/kukfa/bindbg.git
Usage
- Open target binary in Binja
- Tools or right-click -> Initialize Toolbar for this view
- Tools or right-click -> Set process arguments (if necessary)
- Click Go to the toolbar to launch WinDbg
- Open Memory/Registers windows in WinDbg as desired
- Control execution (run, break, step out, step in, step over) using the buttons in the toolbar
- Control IP (run to cursor, set IP) by right-clicking an instruction and selecting a command accordingly
- Set or delete breakpoints by right-clicking an instruction and selecting a command accordingly
- vtable calls and references will be automatically resolved as a Binja comment during execution
- Click Stop on the toolbar to stop debugging
Demo
Copyright (c) 2018 Dave Kukfa
Source: https://github.com/kukfa/
