CDB-PIg is a plugin for cdb, but not windbg.
You can use it in CMD.
Thanks to project voltron, which help me to achieve hook-stop.
Thanks to project peda.actually,CDB-PIG is peda in WINDOWS.
registers,disassemble,stackin every step- use
cdbinitto run command in the start of cdb - you can customize your command in
pig.py,please comply with the standard.Here is the demo code:
def test(self, tname1="RedBoy", tname2="KeGua"):
"""
Test for command and args.
Args:
- tname1(string): test name 1
- tname2(string): test name 2
"""
wprint("Mutepig say hello to %s and %s!" % (tname1, tname2), "lightred")
print("")
- you can see memory every step, and when changed it will be highlight.
watch d[b,d,q,p,w] address number
- more command in
help
- install windbg & python & pip in WINDOWS, and add them into envionment variables.
- change
PYTHON_PATH&WINDBG_PATHinsetup.bat, then run it as Administrator. (if it doesn't work, installpykdby yourself) - run command and see if it works.
cdbpig
- jump or not
- call argument
- customize command
- memory
if you have any question or suggestion, please contact with me!
enjoy it!