Skip to content
GEF - GDB Enhanced Features for exploit devs & reversers
Python C Other
Branch: dev
Clone or download
hugsy Update irc-notify.yml
issue  notification should display issue.html_url not issue.url
Latest commit 2e58dd4 Nov 18, 2019

README.md

GDB Enhanced Features (a.k.a. GEF)

logo

GEF (pronounced ʤɛf - "Jeff") is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging runtime.

gef-context

Instant Setup

Simply make sure you have GDB 7.7 or higher compiled with Python2 or Python3 bindings, then:

# via the install script
$ wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh

# manually
$ wget -O ~/.gdbinit-gef.py -q https://github.com/hugsy/gef/raw/master/gef.py
$ echo source ~/.gdbinit-gef.py >> ~/.gdbinit

Then just start playing:

$ gdb -q /path/to/my/bin
gef➤  gef help

Highlights

A few of GEF features include:

  • One single GDB script.
  • Entirely OS Agnostic, NO dependencies: GEF is battery-included and is installable in 2 seconds (unlike PwnDBG).
  • Fast limiting the number of dependencies and optimizing code to make the commands as fast as possible (unlike PwnDBG).
  • Provides a great variety of commands to drastically change your experience in GDB.
  • Easily extendable to create other commands by providing more comprehensible layout to GDB Python API.
  • Works consistently on both Python2 and Python3.
  • Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc. (unlike PEDA)
  • Suited for real-life apps debugging, exploit development, just as much as CTF (unlike PEDA or PwnDBG)

Check out the Screenshot page for more.

Documentation

Unlike other GDB plugins, GEF has an extensive and up-to-date documentation. Users are recommended to refer to it as it may help them in their attempts to use GEF. In particular, new users should navigate through it (see the FAQ for common installation problems), and the problem persists, try to reach out for help on the IRC channel or submit an issue.

Current status

Documentation License Compatibility IRC Test validation
ReadTheDocs MIT Python 2 & 3 IRC CircleCI status

Contribute

To get involved, refer to the Contribution documentation and the guidelines to start.

And special thanks to Pedro "TheZakMan" Araujo for the logo!.

Happy Hacking

You can’t perform that action at this time.