
Learn immunity debugger for exploit development and binary analysis, via a hands-on lab, Windows or Linux installation via wine, and python-extensible features that cut development time.
Install Immunity Debugger on Linux using Wine and Python 2.7. Verify 32-bit or 64-bit architecture, then download from the official Immunity site or Softpedia and launch the debugger.
Install immunity debugger on Windows by choosing the official site or Softpedia download, fill the download form, run the installer (and Python if required), and verify the successful setup.
Load the immunity debugger file, set a startup port argument, and run the program; attach to a running process for debugging and restart as needed.
Explore the immunity debugger cpu window, with four subwindows for disassembly, registers, memory, and stack; inspect entry point, instruction pointer, flags, and stack changes as you step through.
Explore execution controls in Immunity Debugger to manage flow with restart, run, pause, step into, step over, trace, and view entries, animate or execute return or jump to addresses.
Explore Immunity Debugger views such as the call stack, watches, breakpoints, run trace, and source windows, and learn to step into functions, inspect arguments, and track function calls.
Explore stack operations in Immunity Debugger using the right-click menu to view addresses, modify values, push data, and search or navigate ESB and EVP relationships.
Explore disassembler operations: backup, copy, and binary editing within the disassembly window, including save/load backups, copy to files, fill with zeros or knobs, and assemble changes.
Label functions to mark their logic and see replaced addresses in Immunity Debugger, and add comments, headers, and variable modifications to clarify assembly instructions.
Learn to set and manage breakpoints in Immunity Debugger, including conditional, unsafe, memory, and hardware breakpoints, and inspect logs and execution flow.
Learn fine-grained tracing in the disassembler using hit trace, run trace, and trace all recognized procedures to verify which instructions and functions execute.
Explore the Immunity Debugger's disassembly navigation controls, including new origin, go to, go to expression, next/previous, and view caller with subsequent function calls.
Learn to use Immunity's search menu to locate names, labels, commands, sequences, strings, and user defined items across modules, then use find references to jump to addresses.
Explore disassembler operations in Immunity Debugger, view modules, switch address displays between relative and absolute, copy edits to an executable, and use analysis, conditional breakpoints, argument logging to inspect functions.
Learn to use the Immunity Debugger command line to run executables, restart, set breakpoints at memory addresses, and navigate to log or CBO windows with commands.
Attach a just in time debugger to a running process to capture crashes and fatal errors, demonstrated with Immunity Debugger on Windows 7 and registry options.
Immunity Debugger is the go to debugger for most security professionals. Immunity Inc describes it as a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.
Note: To know about offers on this course, check out our website yaksas-dot-io
To enroll in our Hands-on Fuzzing and Exploit Development courses, check out our website yaksas-dot-io
This course covers both, well-known and lesser-known, features of Immunity Debugger. Few of the key topics discussed in this course are as follows:
Download and Installation
Views
Stack Operations
Disassembler Operations
Breakpoints, stepping through, tracing etc.
PyCommands and Mona Library
Just-in-time debugging
... and a lot more
A good understanding of Immunity Debugger comes in handy while exploit development, backdooring PE files, encoding files for anti-virus evasion. Once you have completed this course, you will be a lot more comfortable with Immunity Debugger and you'll know which features to use to perform each of the previously mentioned activities.
Since other debuggers like Ollydbg (Olly debug), evans debug etc. have a similar interface, through this course you can learn how to use them as well. I have created this course with the vision that it becomes your go to reference guide for Immunity Debugger and other similar debuggers.