Immunity releases new exploit-writing tool |
 |
By Bill Brenner, Senior News Writer
07 Aug 2007 | SearchSecurity.com |
|
|
Immunity Inc., a Miami-based company specializing in penetration testing technology, has released a new tool to quicken the process of writing exploits, analyzing malware and reverse engineering binary files.
|
|
|
|
|
It seems to take the best of command line interfaces as well as the GUI ones and combined it into one package.
Scott Fendley,
handler, SANS Internet Storm Center
|
|
|
|
|
|
|
|
|
|
The organization unveiled Debugger at the Defcon conference in Las Vegas Friday. Immunity claims Debugger will help researchers and penetration testers cut their exploit-making time in half, with "simple, understandable interfaces [and] a robust and powerful scripting language for automating intelligent debugging."
The company also claims the tool has better connectivity to fuzzers and exploit development tools.
"It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility," Immunity said on its Web site.
The Immunity team said in an online statement that the main objective in developing Debugger was to "combine the best of the command line-based and GUI-based debugger worlds."
Early reaction appears positive for Debugger, which can be downloaded from the Immunity Web site for free.
"Some are trying [Immunity Debugger] one out as it seems to take the best of command line interfaces as well as the GUI ones and combined it into one package," Scott Fendley, a handler with the Bethesda, Md.-based SANS Internet Storm Center (ISC), wrote in an ISC Web site entry on debugging technology.
For those looking to test different debugging tools against Debugger, Fendley suggested IDA Pro from DataRescue and OllyDbg, shareware some analysts say is easier to use to than other tools.
|
