Where communities thrive

Join over 1.5M+ people
Join over 100K+ communities
Free without limits
Create your own community

Explore more communities

x64dbg/x64dbg

An open-source x64/x32 debugger for windows.

People

Repo info

Activity

Apr 09 16:01

theguly commented #1733
Apr 04 09:43

mrexodia commented #1453
Apr 04 09:23

vidalv commented #1453
Apr 03 22:06

mrexodia commented #1456
Apr 03 20:37

idevnasty commented #1456
Apr 03 14:11

mrexodia labeled #1456
Apr 03 14:11

mrexodia unlabeled #1456
Apr 03 14:11

mrexodia labeled #1456
Apr 03 14:11

mrexodia commented #1456
Apr 03 14:08

mrexodia commented #1456
Apr 03 14:08

mrexodia commented #1456
Apr 03 14:08

mrexodia commented #1456
Apr 03 14:04

mrexodia commented #1456
Apr 03 13:23

idevnasty commented #1456
Apr 03 11:32

mrexodia commented #1456
Apr 03 04:08

idevnasty commented #1456
Apr 03 03:52

MulleDK19 commented #2318
Apr 03 03:49

MulleDK19 commented #2318
Apr 03 02:51

mrexodia commented #1456
Apr 02 19:40

idevnasty commented #1456

x64dbgbot

@x64dbgbot

<dummyz> to make x64dbg aware

x64dbgbot

@x64dbgbot

<mrexodia> they are labels correct?

<mrexodia> as in they are listed if you go to view -> labels

<mrexodia> or they are symbols from the pdb?

x64dbgbot

@x64dbgbot

<dummyz> let me check

<dummyz> no no pdb

<dummyz> imported using ghidra2x64dbg plugins

<dummyz> nope

<dummyz> no labels

<dummyz> sorry they are

<dummyz> wasnt fully refreshed

<mrexodia> Hm

<mrexodia> So in theory if you enter the full name in the goto window it should work

<dummyz> so expression or ?

<dummyz> oh yeah you are right

<dummyz> ws thinking that completion works

<dummyz> but it not the case

<mrexodia> Yeah that’s a thing left to do

<dummyz> ok :)

<mrexodia> But it will require significant refactoring unfortunately

<dummyz> oh crap

<dummyz> ok will leave without it :D

<dummyz> anyway question question not on x64dbg for you

<dummyz> do you know if procdump will see if the binary put something in temp ?

<dummyz> had a weird behavior, im steping in x64dbg, where I know that the binary is storing something in temp, after steping procdump doesnt show it to me

<dummyz> but normaly procdump must show every action of a process, right ?

x64dbgbot

@x64dbgbot

<dummyz> do you have better tools than procdump for such analysis ?

x64dbgbot

@x64dbgbot

<mrexodia> Don’t know, procdump usually works for me but sometimes it doesn’t show anything whatsoever

x64dbgbot

@x64dbgbot

<dummyz> found why

<dummyz> they are default fucking filter

<dummyz> that hide temp stuff

<dummyz> ...

<mrexodia> 😃

x64dbgbot

@x64dbgbot

<gand0lf> https://github.com/DavidXanatos/Sandboxie

<kaens> They finally did it

x64dbgbot

@x64dbgbot

<jvoisin> is this useful?

<jvoisin> iirc, Windows provides throw-away VM natively now

x64dbgbot

@x64dbgbot

<gand0lf> its mostly useful from a research standpoint

<gand0lf> pretty sure thats the reason the source was released.

<gand0lf> plenty alternatives now

<jvoisin> to do what?

<jvoisin> everybody is running VM

x64dbgbot

@x64dbgbot

<gand0lf> I mean, VM are heavy, theres still applications for sandboxes imo..more lightweight, configurable, etc.

<gand0lf> But yea MS is pushing HyperV hard

<gand0lf> but there were rumors of it bring back that Sandbox they released

<gand0lf> bringing*

<_tjr_> indeed, i still use sandboxie every day to install software that i need but don't want to bloat the rest of my system with. a full vm for each of those would be total overkill. i'm glad to see sophos finally followed through with releasing the code.

x64dbgbot

@x64dbgbot

<jvoisin> make sense

x64dbgbot

@x64dbgbot

<OneShotWP> Need some help 😦

x64dbgbot

@x64dbgbot

<Atn> Check AdvancedScript plugin as I remember they ware a command call registerall I think it will do what you want (re @x64dbg_bot: <Marc-A> Hello,
I would like to know if it's possible to trace all the executed instructions of a program, from beginning to end, and save it as a plain text file.
I don't understand how that option work in x64dbg, and what is can, or can't, do.)