`gdb` is the most commonly used debugger. The base installation is super user-friendly and offers a rich feature set. It is also very easy to extend with plugins.

Nearly every challenge dissected in this guide used `gdb`, with a few exceptions.
{% hint style="info" %}
`gdb` has a LOT of features. This guide covers the ones that are most commonly used in everyday settings. If you want to read more, check out this summary guide.
{% endhint %}
Installation of `gdb` is extremely simple; on Debian/Ubuntu-based systems it is a single package (use your distribution's package manager elsewhere):

$ sudo apt install gdb
To extend its feature set, we will also install the GEF (`gdb-gef`) extension. More information can be found here. GEF shows a live view of the disassembly around the current instruction, the registers, and the stack every time execution stops, which makes dynamic analysis of the binary much easier.
To install GEF, use the following command:
$ bash -c "$(wget https://gef.blah.cat/sh -O -)"
{% hint style="info" %}
Other plugins out there are equally effective. Notable plugins are `pwndbg` and `peda`. They all offer very similar feature sets. I personally like GEF the best, but feel free to use whichever one you like. Read this article if you want to install more than one and build a local version manager.
{% endhint %}
We run `gdb` on the binary that we want to analyze. The plugin is loaded automatically when `gdb` starts, so nothing extra is needed:

gdb <binary>
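As an added example (not part of the original guide or of GEF), the following shell script shows what a first dynamic-analysis session looks like once `gdb` is installed: it compiles a small constructed target, breaks on a function, runs it, and inspects the program counter, the stack and the surrounding disassembly, all with plain `gdb` commands that GEF's context view simply renders more nicely. It assumes `gcc` and `gdb` are on `PATH`; the program, its file names and the `check` function are constructed for the illustration.

```shell
#!/bin/sh
# Added example: drive gdb non-interactively over a constructed target.
# Assumes gcc and gdb are installed; every -ex below is a command you
# would otherwise type at the (gdb) prompt.
set -e

WORKDIR="${TMPDIR:-/tmp}/gdb_demo.$$"

# Both tools present? (lets the script degrade cleanly on a bare host)
demo_available() {
    command -v gcc >/dev/null 2>&1 && command -v gdb >/dev/null 2>&1
}

# Tiny constructed target: a bounded copy followed by a password compare,
# the kind of routine a challenge binary typically contains.
write_demo_source() {
    mkdir -p "$WORKDIR"
    cat > "$WORKDIR/demo.c" <<'EOF'
#include <stdio.h>
#include <string.h>

/* Constructed for the example: copies the argument safely, then compares. */
int check(const char *s) {
    char buf[16];
    strncpy(buf, s, sizeof(buf) - 1);
    buf[sizeof(buf) - 1] = '\0';
    return strcmp(buf, "letmein") == 0;
}

int main(int argc, char **argv) {
    const char *guess = argc > 1 ? argv[1] : "nope";
    if (check(guess)) puts("ok"); else puts("denied");
    return 0;
}
EOF
}

# Build with symbols and no optimisation so the debugger view matches the source.
build_demo() {
    write_demo_source
    gcc -g -O0 -o "$WORKDIR/demo" "$WORKDIR/demo.c"
}

# Batch-mode session: stop in check(), show where we are, what the stack
# holds, the next instructions, the function's return value, then finish.
# $pc and $sp are gdb's architecture-independent register aliases.
run_gdb_batch() {
    gdb -q -batch \
        -ex 'break check' \
        -ex 'run' \
        -ex 'info registers' \
        -ex 'p/x $pc' \
        -ex 'x/8gx $sp' \
        -ex 'x/5i $pc' \
        -ex 'finish' \
        -ex 'continue' \
        --args "$WORKDIR/demo" letmein
}

cleanup_demo() {
    rm -rf "$WORKDIR"
}

# Usage: build the target and run the session when the tools are available.
if demo_available; then
    build_demo
    run_gdb_batch || echo "gdb could not run the target (ptrace restricted here?)" >&2
fi
```

Running the script prints the full register set at the breakpoint, eight quadwords from the top of the stack, the next five instructions, and `finish` reports the value `check` returns (1 for the correct password) before `continue` lets the program print `ok`. With GEF installed the same stops additionally show its colourised context panel.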