Microsoft disassembler dll
Process monitoring while loading firefox:

DLL and Shellcode injection is also possible:

Monitoring-List processes lists current processes and PIDs (for attaching).
Monitoring-Processes monitors created processes and prints info on them.
Monitoring-File starts monitoring Windows tmp directories and tries to dump the file contents. It hooks several Windows functions and prints files made, deleted, or modified.

Crash mode detects exception_debug_event, determines the cause of the crash, and prints tons of output.
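What a crash mode has to decide once an exception debug event arrives, as an added example (not code from this debugger): separate debugger-generated breakpoints from real faults, decode an access violation, and pick the continue status. `crash_event` and `triage` are hypothetical names, the constants are the documented Win32 values redefined locally so the block builds without `<windows.h>`, and the sample event is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Values mirror the documented Win32 constants so this builds without <windows.h>. */
#define EXC_ACCESS_VIOLATION 0xC0000005u
#define EXC_BREAKPOINT       0x80000003u
#define EXC_SINGLE_STEP      0x80000004u
#define EXC_STACK_OVERFLOW   0xC00000FDu
#define EXC_INT_DIVIDE_ZERO  0xC0000094u
#define ST_CONTINUE          0x00010002u  /* DBG_CONTINUE */
#define ST_NOT_HANDLED       0x80010001u  /* DBG_EXCEPTION_NOT_HANDLED */
/* Hypothetical stand-in for the fields read from DEBUG_EVENT.u.Exception
   when WaitForDebugEvent reports EXCEPTION_DEBUG_EVENT (32-bit target). */
typedef struct {
    uint32_t code;          /* ExceptionRecord.ExceptionCode */
    uint32_t first_chance;  /* dwFirstChance */
    uint32_t address;       /* ExceptionRecord.ExceptionAddress */
    uint32_t info[2];       /* ExceptionRecord.ExceptionInformation[0..1] */
} crash_event;
/* Writes a one-line cause to out; returns the status for ContinueDebugEvent. */
uint32_t triage(const crash_event *e, char *out, size_t n) {
    if (e->code == EXC_BREAKPOINT || e->code == EXC_SINGLE_STEP) {
        snprintf(out, n, "debugger event at 0x%08X, not a crash", (unsigned)e->address);
        return ST_CONTINUE;
    }
    const char *chance = e->first_chance ? "first-chance" : "second-chance (unhandled)";
    if (e->code == EXC_ACCESS_VIOLATION) {
        /* info[0]: 0 = read, 1 = write, 8 = DEP; info[1]: the inaccessible address */
        const char *op = e->info[0] == 0 ? "read" : e->info[0] == 1 ? "write"
                       : e->info[0] == 8 ? "execute (DEP)" : "unknown access";
        /* Heuristic: the lowest 64 KB is normally unmapped, so hits there suggest NULL */
        const char *hint = e->info[1] < 0x10000u ? ", likely NULL dereference" : "";
        snprintf(out, n, "%s access violation: %s of 0x%08X at EIP 0x%08X%s", chance,
                 op, (unsigned)e->info[1], (unsigned)e->address, hint);
    } else {
        const char *name = e->code == EXC_STACK_OVERFLOW ? "stack overflow"
                         : e->code == EXC_INT_DIVIDE_ZERO ? "integer divide by zero"
                         : "exception";
        snprintf(out, n, "%s %s (code 0x%08X) at EIP 0x%08X", chance, name,
                 (unsigned)e->code, (unsigned)e->address);
    }
    return ST_NOT_HANDLED;  /* let the target's own SEH run, or let it die */
}
int main(void) {
    char line[160];
    crash_event ev = {EXC_ACCESS_VIOLATION, 0, 0x00401234u, {1, 0x8u}};  /* constructed */
    triage(&ev, line, sizeof line);
    puts(line);
}
```

A first-chance exception is passed back unhandled so the target's own handlers get to run; only when the same exception returns as second-chance is it a crash worth a full dump.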
The main window ^shown above^ contains all the features. To get started, select File-Attach and enter a PID to attach to. Launching an executable is also possible with File-Open, but most of the debugging features don't support it, so just stick with attaching. When ready, just hit Start and watch the debugger work. The debugger is currently in Default mode. The first output is the DLLs the executable is loading, and then debugging codes:

Breakpoints

For adding breakpoints, edit the BreakPoints.txt file before the debugger is launched. This file must be in the same directory as the debugger if you want to use them. To add breakpoints, add the DLL it's found in, and then the function. To set what a breakpoint does, go to Breakpoints-When a breakpoint is hit and select an option. The options available are: Just say Breakpoint Hit, which does what it says; SEH Unwind, which shows the last lines of the SEH handler; Stack unwind, which unwinds and displays the stack memory; Disassem Around, which disassembles 10 instructions around the breakpoint; and All of the above plus extra, which shows everything just mentioned plus register states.
Basic Windows 32-bit debugger with several different functions to aid in static analysis, malware analysis, and computer forensics. Some of the debugger functions include setting breakpoints, crash mode, and viewing different registers. This tool can also completely disassemble an executable, inject shellcode and DLLs into processes, and monitor process creation, directories, and files. The GitHub includes the debugger, a test executable (that crashes as well), and a test DLL for injection. Everything has been tested on and works on Windows 7-10.

The most recent update moved a few things around and added debugger hiding, a hex viewer, an address disassembler, and real-time register editing! Pictures are now slightly different from the actual application.