

python-ptrace is a debugger written in Python that uses ptrace (the Linux, BSD and Darwin system call for tracing processes).

python-ptrace is an open source project written in Python under the GNU GPLv2 license.


  • High-level Python object API: PtraceDebugger and PtraceProcess
  • Able to control multiple processes: catch fork events on Linux
  • Read/write bytes at arbitrary addresses: takes care of memory alignment and splits bytes into CPU words
  • Step-by-step execution using ptrace_singlestep() or hardware interrupt 3
  • Can use distorm disassembler
  • Dump registers, memory mappings, stack, etc.
  • Syscall tracer and parser ( command)
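
An added example (not python-ptrace's own code) of the alignment handling named in the read/write feature above: ptrace peek/poke transfers one CPU word at a time, so an arbitrary byte range is split into aligned words, and partially covered words are read, patched and written back. `FakeTracee`, `read_bytes` and `write_bytes` are hypothetical names; an 8-byte little-endian word and a constructed in-memory buffer stand in for a real traced process.

```python
import struct

WORD = 8  # assumption: 8-byte little-endian CPU word (x86_64)

class FakeTracee:
    """Constructed stand-in for a traced process (hypothetical, not the
    python-ptrace API): like ptrace peek/poke, it moves one aligned word."""
    def __init__(self, base, data):
        self.base, self.mem = base, bytearray(data)
        self.peeks = self.pokes = 0

    def _offset(self, addr):
        off = addr - self.base
        if addr % WORD or not 0 <= off <= len(self.mem) - WORD:
            raise ValueError("bad word address %#x" % addr)
        return off

    def peek_word(self, addr):
        self.peeks += 1
        return struct.unpack_from("<Q", self.mem, self._offset(addr))[0]

    def poke_word(self, addr, value):
        self.pokes += 1
        struct.pack_into("<Q", self.mem, self._offset(addr), value)

def read_bytes(proc, addr, size):
    """Read size bytes from any address using aligned word reads only."""
    start = addr - addr % WORD            # round down to a word boundary
    words = [struct.pack("<Q", proc.peek_word(a))
             for a in range(start, addr + size, WORD)]
    skip = addr - start                   # drop bytes before the request
    return b"".join(words)[skip:skip + size]

def write_bytes(proc, addr, data):
    """Write data to any address; partial words are read, patched, rewritten."""
    start, end = addr - addr % WORD, addr + len(data)
    for a in range(start, end, WORD):
        lo, hi = max(addr, a), min(end, a + WORD)
        if hi - lo == WORD:               # whole word covered: no read needed
            word = data[lo - addr:hi - addr]
        else:                             # edge word: keep the neighbouring bytes
            word = bytearray(struct.pack("<Q", proc.peek_word(a)))
            word[lo - a:hi - a] = data[lo - addr:hi - addr]
        proc.poke_word(a, struct.unpack("<Q", bytes(word))[0])

if __name__ == "__main__":
    t = FakeTracee(0x1000, bytes(range(32)))   # constructed 32-byte region
    print(read_bytes(t, 0x1003, 10).hex(), t.peeks)
    write_bytes(t, 0x1006, b"ABCDEFGHIJKL")
    print(bytes(t.mem), t.peeks, t.pokes)
```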


  • Supported operating systems: Linux, FreeBSD, OpenBSD
  • Supported architectures: x86, x86_64 (Linux), PPC (Linux), ARM (Linux EABI)

Missing features:

  • Symbols: it's not possible to break on a function or read a variable value
  • No C language support: debugger shows assembler code, not your C (C++ or other language) code!
  • No thread support


Project using python-ptrace

python-ptrace announces

ptrace usage

Similar projects

  • vtrace: Python library (Windows and Linux) supporting threads
  • subterfuge by Mike Coleman: Python library (Linux): contains Python binding of ptrace written in C for Python 2.1/2.2. It doesn't work with Python 2.5 (old project, not maintained since 2002)
  • strace program (Linux, BSD)
  • ltrace program (Linux)
  • truss program (Solaris and BSD)
  • pytstop by Philippe Biondi: debugger similar to gdb but in very alpha stage (e.g. no disassembler), using ptrace Python binding written in C (from subterfuge)
  • by Philippe Biondi
  • Fenris: suite of tools suitable for code analysis, debugging, protocol analysis, reverse engineering, forensics, diagnostics, security audits, vulnerability research
  • PyDBG: Windows debugger written in pure Python

Interesting articles