OllyDbg

OllyDbg is a 32-bit debugger for Windows operating systems, developed by Oleh Yuschuk. It is mainly used for binary code analysis, for example to debug programs.

OllyDbg runs at ring 3 (user mode) and offers the following features:

  • Debugging of multithreaded programs
  • Attaching to running processes
  • Configurable disassembler with support for the MASM and IDEAL formats
  • MMX, 3DNow!, SSE, ASCII and Unicode support
  • Hardware and software breakpoints
  • Searching memory areas
  • Modification of memory locations "on the fly"
  • Extensibility through DLL plugins

One advantage of OllyDbg is that the debugger can be started from portable storage devices. It requires no installation, but can be integrated into Windows Explorer. Many plugins are available from third-party authors in the reverse engineering scene; some of them hide the debugger from the anti-debugging methods of various runtime packers (particularly Themida and EXECryptor). Together with the OllyScript plugin, which uses scripts to automate recurring tasks, these make the debugger one of the most commonly used tools, especially among private reverse engineering enthusiasts. OllyScripts automate tasks such as circumventing anti-debugging methods or finding the original entry point (OEP) of programs that have been packed and encrypted with runtime packers.
