Skip to content

Releases: MZHeader/macdbg

Release list

v1.0.0

Choose a tag to compare

@MZHeader MZHeader released this 04 Jul 16:17

First release of macdbg, a Textual TUI for Apple's system LLDB.

Included in this release:

  • Multi-pane view of the running process. Disasm, registers, stack, memory, breakpoints, threads, modules, trace, and a console at all times.
  • Register auto-annotation. Each value gets resolved to a symbol, a printable string, a one-hop pointer chase, or a raw peek if the address falls in a loaded module.
  • In-place editing of registers and memory rows via right-click. Direct SBValue and SBProcess writes with read-back verification.
  • Breakpoint scripting UI. Right-click a bp row for a full-screen editor that saves back to the breakpoint's command list. Output from auto-continue scripts is captured through a pipe and printed in the console.
  • Syscall and network tracer (Ctrl+T) with 60+ symbols across file, process, and network APIs. Caller-depth filter that catches indirect dispatch through GCD, objc_msgSend, libcurl, and CFNetwork. Scope cycles with Ctrl+Y.
  • Anti-anti-debug menu (Ctrl+D) with PT_DENY_ATTACH symbol hook, direct-syscall ptrace scan, Mach exception port cloak, and hardware BP modes for user and tracer breakpoints. Verified end-to-end against a canary that runs all four checks.
  • Command palette (Ctrl+P) that fuzzy-matches over every lldb command with lldb's own help text.
  • ASLR disabled by default so addresses stay stable across runs.
  • Textual vendored under ./vendor so the wrapper runs offline on a fresh clone.

Requires macOS with Xcode Command Line Tools and system Python at /usr/bin/python3.