A pentesting company called Immunity has released an amazing debugging application that is totally free of charge. Supposedly it will cut down the time it takes to find an exploit in any given application by %50. I don’t know if that is true, but it certainly has all the bells and whistles of a non-free debugger like IDA Pro.
Here’s the Download Link: IMMUNITY : Debugger
Dan Goodin had this to say in “The Register“, about my new favorite app:
The folks at Immunity, a company specializing in tools for penetration testing, have released a free application advertised to streamline the development of software exploits.
Immunity Debugger, as the app is called, will cut exploit development time by half, according to this product announcement. The debugger is designed with malware writers in mind, providing a rich GUI, powerful scripting language and connectivity to fuzzers and exploit development tools.
The program gives developers the option of using command line or GUI depending on the task at hand, and runs plug-ins written in Python by third-party developers.
In my opinion this could replace OllyDbg!! No offense to those hardcore OllyDbg fans out there, but you should give Immunity Debugger a whirl just to see how powerful it really is.
N00B Alert – Debuggers and disassembler’s are used for “cracking” apps, as well as finding malicious exploits. I expect that Immunity Debugger will be just as useful for cracking as anything else, if not more. Of course you need to have the right assembly code set to really utilize the extra speed promised by Immunity Debugger.
I’ll see what I can do about finding some tutorials in the near future. If my gut instinct is correct, this is gonna become a staple for most hackers out there (White, Grey or Black Hat).