Flare-Qdb - Command-line And Python Debugger For Instrumenting And Modifying Native Software Behavior On Windows And Linux
flare-qdb is a command-line and scriptable Python-based tool for evaluating and manipulating native program state. It uses Vivisect to set a breakpoint on each queried instruction and executes Python code when hit. flare-qdb frees the analyst to take a nonlinear approach to dynamic analysis that...
FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)
Introduction: This post continues the FireEye Labs Advanced Reverse Engineering (FLARE) script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on...
FLARE Script Series: Automating Obfuscated String Decoding
Introduction: We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering (FLARE) script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an...