{"id":13843654,"url":"https://github.com/matrix1001/nadbg","last_synced_at":"2025-07-11T19:32:49.340Z","repository":{"id":96494571,"uuid":"184690373","full_name":"matrix1001/nadbg","owner":"matrix1001","description":"👀Dynamic memory watcher/tracer/analyzer for CTF pwn","archived":false,"fork":false,"pushed_at":"2020-07-11T00:38:44.000Z","size":149,"stargazers_count":52,"open_issues_count":0,"forks_count":6,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-08-05T17:38:26.521Z","etag":null,"topics":["ctf","debugger","memory-analysis","pwn"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/matrix1001.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-05-03T02:54:24.000Z","updated_at":"2023-08-09T20:37:40.000Z","dependencies_parsed_at":"2023-03-04T13:45:38.953Z","dependency_job_id":null,"html_url":"https://github.com/matrix1001/nadbg","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix1001%2Fnadbg","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix1001%2Fnadbg/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix1001%2Fnadbg/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix1001%2Fnadbg/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/matrix1001","download_url":"https://codeload.github.com/matrix1001/nadbg/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225755076,"owners_count":17519195,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","debugger","memory-analysis","pwn"],"created_at":"2024-08-04T17:02:22.189Z","updated_at":"2024-11-21T15:31:18.647Z","avatar_url":"https://github.com/matrix1001.png","language":"Python","funding_links":[],"categories":["Python (1887)","Python"],"sub_categories":[],"readme":"# nadbg - Not A Debugger\n\nnadbg is designed to analyze memory of the Linux process.\n\n__core feature__\n- ptrace free\n- extensible\n- easy to use\n- heap analyze (with heapinspect)\n- blabla......\n\n__future feature__\n\n- ASLR/PIE support\n- blabla......\n\n# usage\n\nbefore you use it, execute this.\n```sh\ngit submodule update\n```\n\nstart this application.\n\n```py\npython nadbg.py\n```\n\nuse `help` or `?` to get some help.\n\n## attach\n\nnadbg support `path`, `binary name`, `pid`.\n\n\n```\n[nadbg] /bin/cat \u003e attach /usr/bin/cat\nattach /usr/bin/cat success. pid: 10696\n[nadbg] /usr/bin/cat \u003e\n```\n\n```\n[nadbg]  \u003e attach cat\nattach cat success. pid: 10696\n[nadbg] cat \u003e\n```\n\n```\n[nadbg]  \u003e attach 10696\nattach 10696 success. pid: 10696\n[nadbg] 10696 \u003e\n```\n\n## memory dump\n\nmemory dump is similar to those of `pwndbg`.\n\n```\n[nadbg] /usr/bin/cat \u003e dq 0x7fffffffe270 4\n0x7fffffffe270: 0000000000000001 00007fffffffe588\n0x7fffffffe280: 0000000000000000 00007fffffffe595\n[nadbg] /usr/bin/cat \u003e dd 0x7fffffffe270 4\n0x7fffffffe270: 00000001 00000000 ffffe588 00007fff\n[nadbg] /usr/bin/cat \u003e db 0x7fffffffe270 16\n0x7fffffffe270: 01 00 00 00 00 00 00 00 88 e5 ff ff ff 7f 00 00\n[nadbg] /usr/bin/cat \u003e ds 0x7fffffffe588 13\n'/usr/bin/cat\\x00'\n```\n\n## memory search\n\nmemory search is similar to that of `peda`.\n\n```\n[nadbg] /usr/bin/cat \u003e find /bin/cat\n[0] 0x7fffffffe58c\n[1] 0x7fffffffefcd\n[2] 0x7fffffffefef\n[nadbg] /usr/bin/cat \u003e find 0x7fffffffe588\n[0] 0x55555555f278\n[1] 0x7fffffffe278\n```\n\n## memory watch\n\n`memory watcher` is designed to scan/print memory.\n\nwell, it's designed to free you from `dq`, `dq` and `dq`. :)\n\n```\n[nadbg] /usr/bin/cat \u003e wq 0x7fffffffe278 1\n[nadbg] /usr/bin/cat \u003e ws 0x7fffffffe588 13\n[nadbg] /usr/bin/cat \u003e p\n[0] 1 qword\n0x7fffffffe278: 00007fffffffe588\n[1] 13 str\n0x7fffffffe588: '/usr/bin/cat\\x00'\n[nadbg] /usr/bin/cat \u003e\n```\n\nalso, there's a loop printer for you. by default, it has a scan interval of 1 sec. it will only print message when the watched memory changed.\n\n```\n[nadbg] /usr/bin/cat \u003e print_forever\n[0] 1 qword\n0x7fffffffe278: 00007fffffffe588\n[1] 13 str\n0x7fffffffe588: '/usr/bin/cat\\x00'\n\n[0] 1 qword\n0x7fffffffe278: 00007fffffffe588\n[1] 13 str\n0x7fffffffe588: '\\xef\\xbe\\xad\\xde/bin/cat\\x00'\n\n[0] 1 qword\n0x7fffffffe278: 00007fffdeadbeef\n[1] 13 str\n0x7fffffffe588: '\\xef\\xbe\\xad\\xde/bin/cat\\x00'\n\n^C\nKeyboardInterrupt\n```\n\njust use `ctrl + c` to stop it.\n\n## process info\n\njust some process infomation you need to know.\n\n`info`\n\n```\n[nadbg] cat \u003e info\nprocess path: /usr/bin/cat\narch: 64\nlibc: /usr/lib/x86_64-linux-gnu/libc-2.28.so\nprog address: 0x555555554000\nlibc address: 0x7ffff7dec000\n```\n\n`vmmap`\n\n```\n[nadbg] cat \u003e vmmap\nMap(\"/usr/bin/cat\", 0x555555554000, 0x555555556000, \"r--p\")\n......\nMap(\"/usr/lib/x86_64-linux-gnu/libc-2.28.so\", 0x7ffff7dec000, 0x7ffff7e0e000, \"r--p\")\n......\nMap(\"[stack]\", 0x7ffffffde000, 0x7ffffffff000, \"rw-p\")\n```\n\n`canary`\n\n```\n[nadbg] cat \u003e canary\n0x4456b914aa845400\n```\n\n`address`\n\n```\n[nadbg] cat \u003e info bases\n[vdso]: 0x7ffff7fd3000\nlibc: 0x7ffff7dec000\nld-2.28.so: 0x7ffff7fd5000\nheap: 0x0\nmapped: 0x7ffff7fa9000\nprog: 0x555555554000\nstack: 0x7ffffffde000\n[vvar]: 0x7ffff7fd0000\n```\n\nwell, `heap: 0x0` means there is no heap.\n\n## heapinspect\n\nJust use `hi` to print help message. Then use it.\n\n```\n[nadbg] /usr/bin/dash \u003e hi heap\n=========================  HeapInspect  =========================\nlibc_version:2.28\narch:64\ntcache_enable:True\nlibc_base:0x7f1e68ab6000\nheap_base:0x563073660000\n\n\n\n(0x80)    entries[6] -\u003e 0x563073660bc0\n(0x210)    entries[31] -\u003e 0x563073660c40\ntop: 0x563073660e40\nlast_remainder: 0x0\nunsortedbins: None\n[nadbg] /usr/bin/dash \u003e\n```\n\n\n\n## other?\n\ntell me what you want. then i make one for you.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrix1001%2Fnadbg","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatrix1001%2Fnadbg","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrix1001%2Fnadbg/lists"}