- Add ImageNtHeaders() (clone of RtlImageNtHeaderEx which doesn't exist on XP) to obtain PE headers given a VA - Add HEADER_FIELD() and THUNK_VAL() macros to module.h to allow accessing header fields independent of process and file bitness - Add IMAGE_NT_HEADERS pointer to MODINFO, since anything related to parsing PEs needs this struct - Read PE headers in GetModuleInfo(). Currently the headers are being parsed every time a TitanEngine helper function is called, the goal is to reduce this to once per module load - GetModuleInfo(): eliminate all TitanEngine calls now that we have the headers - Add RvaToVa() for SEC_COMMIT mappings. This can simultaneously serve as replacement for rva2offset helpers (pass base = 0). Preferably SEC_IMAGE should be used though as that way neither of these would be needed - ReadExportDirectory(): use RtlImageDirectoryEntryToData() to obtain a PIMAGE_EXPORT_DIRECTORY and its size in one go to eliminate TitanEngine helper calls and RVA to offset conversions - Answer burning questions re: Windows loader behaviour when parsing exports in comments - (Minor) fix '>= 0' comparison against unsigned as this will always evaluate to true - Add comment re: PDB search path order since it's wrong atm but I'm too scared of breaking something if I change this code myself |
||
---|---|---|
.github | ||
bin | ||
deps@de80e8da63 | ||
help | ||
hooks | ||
src | ||
.clang-format | ||
.editorconfig | ||
.gitignore | ||
.gitmodules | ||
CODE_OF_CONDUCT.md | ||
CONTRIBUTING.md | ||
LICENSE | ||
README.md | ||
build.bat | ||
clean.bat | ||
format.bat | ||
install.bat | ||
maketranslatetemplate.bat | ||
release.bat | ||
setenv.bat | ||
setupdeps.bat | ||
x64dbg.sln | ||
x64dbg_scheme.vsd |
README.md
x64dbg
Note
Please run install.bat
before you start committing code, this ensures your code is auto-formatted to the x64dbg standards.
Compiling
For a complete guide on compiling x64dbg read this.
Downloads
Releases of x64dbg can be found here.
Overview
x64dbg is an open-source x32/x64 debugger for Windows.
Activity Graph
Features
- Open-source
- Intuitive and familiar, yet new user interface
- C-like expression parser
- Full-featured debugging of DLL and EXE files (TitanEngine)
- IDA-like sidebar with jump arrows
- IDA-like instruction token highlighter (highlight registers, etc.)
- Memory map
- Symbol view
- Thread view
- Source code view
- Content-sensitive register view
- Fully customizable color scheme
- Dynamically recognize modules and strings
- Import reconstructor integrated (Scylla)
- Fast disassembler (Capstone)
- User database (JSON) for comments, labels, bookmarks, etc.
- Plugin support with growing API
- Extendable, debuggable scripting language for automation
- Multi-datatype memory dump
- Basic debug symbol (PDB) support
- Dynamic stack view
- Built-in assembler (XEDParse/Keystone/asmjit)
- Executable patching
- Yara Pattern Matching
- Decompiler (Snowman)
- Analysis
License
x64dbg is licensed under GPLv3, which means you can freely distribute and/or modify the source of x64dbg, as long as you share your changes with us. The only exception is that plugins you write do not have to comply with the GPLv3 license. They do not have to be open-source and they can be commercial and/or private. The only exception to this is when your plugin uses code copied from x64dbg. In that case you would still have to share the changes to x64dbg with us.
Credits
- Debugger core by TitanEngine Community Edition
- Disassembly powered by Capstone
- Assembly powered by XEDParse, Keystone and asmjit
- Import reconstruction powered by Scylla
- JSON powered by Jansson
- Database compression powered by lz4
- Advanced pattern matching powered by yara
- Decompilation powered by snowman
- Bug icon by VisualPharm
- Interface icons by Fugue
- Website by tr4ceflow
Special Thanks
- All the donators!
- Everybody adding issues!
- People I forgot to add to this list
- EXETools community
- Tuts4You community
- ReSharper
- Coverity
- acidflash
- cyberbob
- cypher
- Teddy Rogers
- TEAM DVT
- DMichael
- Artic
- ahmadmansoor
- _pusher_
- firelegend
- kao
- sstrato
- kobalicek
Developers
Contributors
- blaquee
- wk-952
- RaMMicHaeL
- lovrolu
- fileoffset
- SmilingWolf
- ApertureSecurity
- mrgreywater
- Dither
- zerosum0x0
- RadicalRaccoon
- fetzerms
- muratsu
- ForNeVeR
- wynick27
- Atvaark
- Avin
- mrfearless
- Storm Shadow
- shamanas
- joesavage
- justanotheranonymoususer
- gushromp
- Forsari0
See here for a more up-to-date list of contributers.