Immunity releases new exploit-writing tool

Pen testing company says its Debugger tool offers researchers a new way to write exploits, analyse malware and reverse engineer binary files.

Immunity a company specialising in penetration testing technology, has released a new tool to quicken the process of writing exploits, analysing malware and reverse engineering binary files.

 It seems to take the best of command line interfaces as well as the GUI ones and combined it into one package.
Scott Fendley,
handlerSANS Internet Storm Center

The organisation unveiled Debugger at the Defcon conference in Las Vegas Friday. Immunity claims Debugger will help researchers and penetration testers cut their exploit-making time in half, with "simple, understandable interfaces [and] a robust and powerful scripting language for automating intelligent debugging."

The company also claims the tool has better connectivity to fuzzers and exploit development tools.

"It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility," Immunity said on its Web site.

The Immunity team said in an online statement that the main objective in developing Debugger was to "combine the best of the command line-based and GUI-based debugger worlds."

"Some are trying [Immunity Debugger] one out as it seems to take the best of command line interfaces as well as the GUI ones and combined it into one package," Scott Fendley, a handler with the SANS Internet Storm Center (ISC), wrote in an ISC Web site entry on debugging technology.

For those looking to test different debugging tools against Debugger, Fendley suggested IDA Pro from DataRescue and OllyDbg, shareware some analysts say is easier to use to than other tools.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: