Debugging Tools
Dependency Analysis
DLL Export Viewer
- DLL Export Viewer is a software application that allows users to view the list of exported functions in a DLL file.
- It can be used to identify the functions that are available for use by other programs or libraries that use the DLL.
- DLL Export Viewer displays information such as function names, addresses, ordinals, and entry points.
- It supports both 32-bit and 64-bit DLL files and can be used on Windows operating systems.
- The application allows users to sort and filter the list of exported functions based on various criteria, such as function name, address, and ordinal.
- It also provides the ability to save the exported function list as a text, HTML, or XML file.
- DLL Export Viewer is a free application and does not require installation.
- With DLL Export Viewer, users can easily determine the functions exported by a DLL file and use them in their own programs or libraries.
DebugView
- DebugView is a software application that allows users to monitor debug output from Windows-based applications and services in real-time.
- It captures debug messages generated by the application or service and displays them in a console window.
- DebugView supports various debug output channels, including OutputDebugString, DbgPrint, and Win32 Trace APIs.
- The application can capture debug output from both local and remote systems, making it useful for debugging distributed applications.
- It provides users with powerful filtering capabilities, allowing them to filter the output based on different criteria, such as process name, message type, and message text.
- DebugView also allows users to save the captured output to a file for later analysis.
- It can be used to troubleshoot various issues, including application crashes, performance problems, and security vulnerabilities.
- DebugView is a free application that can be used on Windows operating systems.
- It is lightweight, portable, and does not require installation.
Dependencies
Process Hacker
- Process Hacker is a powerful task manager and system monitor for Windows-based operating systems.
- It allows users to view and manage processes, services, and network connections on their system in real-time.
- Process Hacker provides detailed information about each process, including its CPU and memory usage, thread count, and priority.
- It also allows users to view and edit process properties, such as its parent process, security attributes, and startup options.
- The application provides users with advanced features, such as process termination, memory editing, and DLL injection.
- Process Hacker also includes a powerful process search functionality, allowing users to search for specific processes based on different criteria, such as process name, PID, and command line parameters.
- The application also allows users to monitor system performance metrics, such as CPU usage, disk activity, and network traffic.
- It provides users with detailed information about each network connection, including its protocol, source and destination IP addresses, and port numbers.
- Process Hacker is a free and open-source application that can be used on Windows operating systems.
ProcessExplorer
- ProcessExplorer is an advanced task manager and system monitor for Windows-based operating systems.
- It provides users with detailed information about processes, including their CPU and memory usage, thread count, and security attributes.
- The application allows users to view and manage system resources, such as open handles, DLLs, and memory-mapped files.
- ProcessExplorer provides users with advanced features, such as process and thread highlighting, process tree navigation, and process profiling.
- It also includes a powerful search functionality, allowing users to search for specific processes and resources based on different criteria, such as name, PID, and module name.
- The application provides users with the ability to suspend, resume, and terminate processes, as well as the ability to view and edit process properties.
- ProcessExplorer is a free application that can be used on Windows operating systems.
ProcessMonitor
- ProcessMonitor enables monitoring of system activity related to file system, registry, and network operations.
- It allows users to capture and display real-time system activity, including file system and registry activity, process and thread activity, and network activity.
- The application provides users with detailed information about each system event, including its timestamp, process ID, and operation details.
- ProcessMonitor provides users with advanced filtering capabilities, allowing them to filter the captured activity based on various criteria, such as process name, operation type, and result code.
- It also includes a powerful search functionality, allowing users to search for specific events based on different criteria, such as path, process name, and result code.
- ProcessMonitor is a free application that can be used on Windows operating systems.
- It is regularly updated with new features and improvements and has a large community of users and developers.
Dependency Walker
- Dependency Walker is a software application that allows users to view the dependencies of a Windows-based executable or DLL file.
- It provides users with detailed information about the imported and exported functions, as well as the dependent modules, for a given file.
- Dependency Walker also allows users to view the module's entry point, its delay-load dependencies, and the symbols it exports.
- The application provides users with a graphical representation of the module's dependency tree, allowing them to easily identify missing or broken dependencies.
- Dependency Walker also includes a profiling feature that allows users to monitor a process's module loading activity in real-time.
- The application can be used to troubleshoot issues related to missing or broken dependencies, as well as to analyze the performance of module loading.
- Dependency Walker is a free application that can be used on Windows operating systems.
x64dbg
- x64dbg is a powerful and popular debugger for Windows-based operating systems.
- It supports both 32-bit and 64-bit executables and provides users with advanced features, such as code and memory analysis, breakpoint management, and plugin support.
- The application allows users to view and edit registers, memory, and disassembly of the debugged process, as well as to set and manage breakpoints and conditions.
- x64dbg provides users with a powerful script engine, allowing them to automate and customize the debugging process.
- It also includes a powerful search functionality, allowing users to search for specific instructions, strings, and memory regions in the debugged process.
- x64dbg is a free and open-source application that can be used on Windows operating systems.
Tracing
API Monitor (rohitab.com)
- API Monitor is a powerful debugging tool used by software developers to monitor and debug API calls made by their applications.
- The tool is developed and maintained by Rohitab Batra, a software engineer and security researcher.
- API Monitor supports monitoring of over 1,300 different API functions, including functions in Windows operating systems, third-party libraries, and custom APIs.
- The tool allows developers to view detailed information about API calls, such as the parameters passed to the function and the return values.
- With API Monitor, developers can quickly identify and diagnose issues with their applications by analyzing the behavior of the API calls made by the application.